Search criteria

36 vulnerabilities found for simatic_wincc_runtime_advanced by siemens

FKIE_CVE-2021-27383

Vulnerability from fkie_nvd - Published: 2021-05-12 14:15 - Updated: 2024-11-21 05:57
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdfVendor Advisory
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
productcert@siemens.comhttps://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens sinamics_sh150_firmware *
siemens sinamics_sh150 -
siemens sinamics_sm150i_firmware *
siemens sinamics_sm150i -
siemens sinamics_gh150_firmware *
siemens sinamics_gh150 -
siemens sinamics_gl150_firmware *
siemens sinamics_gl150 -
siemens sinamics_gm150_firmware *
siemens sinamics_gm150 -
siemens sinamics_sl150_firmware *
siemens sinamics_sl150 -
siemens sinamics_sm120_firmware *
siemens sinamics_sm120 -
siemens sinamics_sm150_firmware *
siemens sinamics_sm150 -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F1FAFD2-1E4D-44F3-87A1-8A1380B980BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC7AA8D-9046-4111-A263-38343997F984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150i_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6067521-A21D-4B2A-AFB2-2E033F66B63E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A44DEAD8-8DB8-41CC-9495-B842BE76EA8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BF9157D-0089-4569-9AA1-4DEE94140D25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF977545-395A-4C34-BB22-A1047B5B6E85",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D780400-0AA8-449C-B754-7167CA878D3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED7F33B-D475-4232-8683-48554A6729F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61CD50EE-6C46-445E-8D46-82768CAAC305",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD76CFB0-B5D7-40DC-8D14-FC9C9BACF3CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E032554B-7F51-4482-AF55-743FFB5AC352",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6619B0F-7CDC-40A6-89B2-C6067AF45214",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE3048-EEB0-48A0-BED0-8647284B022B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444DD77F-DB65-4766-A89D-7A679B4CA1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B7E1DE-61B5-4CFC-8640-EB8029CD79D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE231E2-2B2B-407A-BF7A-9EA35F394229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4), SINAMICS GH150 (Todas las versiones), SINAMICS GL150 (con la opci\u00f3n X30) (Todas las versiones), SINAMICS GM150 (with option X30) (Todas las versiones), SINAMICS SH150 (Todas las versiones), SINAMICS SL150 (Todas las versiones), SINAMICS SM120 (Todas las versiones), SINAMICS SM150 (Todas las versiones), SINAMICS SM150i (Todas las versiones). SmartVNC tiene una vulnerabilidad de fuga de asignaci\u00f3n de heap en el codificador Tight del servidor, que podr\u00eda dar lugar a una condici\u00f3n de denegaci\u00f3n de servicio"
    }
  ],
  "id": "CVE-2021-27383",
  "lastModified": "2024-11-21T05:57:53.060",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.633",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

FKIE_CVE-2021-27386

Vulnerability from fkie_nvd - Published: 2021-05-12 14:15 - Updated: 2024-11-21 05:57
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdfVendor Advisory
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
productcert@siemens.comhttps://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens sinamics_sh150_firmware *
siemens sinamics_sh150 -
siemens sinamics_sm150i_firmware *
siemens sinamics_sm150i -
siemens sinamics_gh150_firmware *
siemens sinamics_gh150 -
siemens sinamics_gl150_firmware *
siemens sinamics_gl150 -
siemens sinamics_gm150_firmware *
siemens sinamics_gm150 -
siemens sinamics_sl150_firmware *
siemens sinamics_sl150 -
siemens sinamics_sm120_firmware *
siemens sinamics_sm120 -
siemens sinamics_sm150_firmware *
siemens sinamics_sm150 -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F1FAFD2-1E4D-44F3-87A1-8A1380B980BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC7AA8D-9046-4111-A263-38343997F984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150i_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6067521-A21D-4B2A-AFB2-2E033F66B63E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A44DEAD8-8DB8-41CC-9495-B842BE76EA8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BF9157D-0089-4569-9AA1-4DEE94140D25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF977545-395A-4C34-BB22-A1047B5B6E85",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D780400-0AA8-449C-B754-7167CA878D3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED7F33B-D475-4232-8683-48554A6729F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61CD50EE-6C46-445E-8D46-82768CAAC305",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD76CFB0-B5D7-40DC-8D14-FC9C9BACF3CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E032554B-7F51-4482-AF55-743FFB5AC352",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6619B0F-7CDC-40A6-89B2-C6067AF45214",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE3048-EEB0-48A0-BED0-8647284B022B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444DD77F-DB65-4766-A89D-7A679B4CA1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B7E1DE-61B5-4CFC-8640-EB8029CD79D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE231E2-2B2B-407A-BF7A-9EA35F394229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4), SINAMICS GH150 (Todas las versiones), SINAMICS GL150 (con opci\u00f3n X30) (Todas las versiones), SINAMICS GM150 (con opci\u00f3n X30) (Todas las versiones), SINAMICS SH150 (Todas las versiones), SINAMICS SL150 (Todas las versiones), SINAMICS SM120 (Todas las versiones), SINAMICS SM150 (Todas las versiones), SINAMICS SM150i (Todas las versiones). SmartVNC presenta una vulnerabilidad de fuga de asignaci\u00f3n de la pila en el manejador de dise\u00f1o del dispositivo en el lado del cliente, lo que podr\u00eda resultar en una condici\u00f3n de Denegaci\u00f3n de Servicio"
    }
  ],
  "id": "CVE-2021-27386",
  "lastModified": "2024-11-21T05:57:53.533",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.767",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

FKIE_CVE-2021-25661

Vulnerability from fkie_nvd - Published: 2021-05-12 14:15 - Updated: 2024-11-21 05:55
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
productcert@siemens.comhttps://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4). SmartVNC tiene una vulnerabilidad de acceso a la memoria fuera de los l\u00edmites que podr\u00eda activarse en el lado del cliente al enviar datos desde el servidor, lo que podr\u00eda dar lugar a una condici\u00f3n de denegaci\u00f3n de servicio"
    }
  ],
  "id": "CVE-2021-25661",
  "lastModified": "2024-11-21T05:55:14.483",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.300",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-788"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2021-25660

Vulnerability from fkie_nvd - Published: 2021-05-12 14:15 - Updated: 2024-11-21 05:55
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfPatch, Vendor Advisory
Impacted products
Vendor Product Version
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" y 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4). SmartVNC presenta una vulnerabilidad de acceso a la memoria fuera de l\u00edmites que podr\u00eda ser desencadenada en el lado del servidor al enviar datos desde el cliente, lo que podr\u00eda resultar en una condici\u00f3n de Denegaci\u00f3n de Servicio"
    }
  ],
  "id": "CVE-2021-25660",
  "lastModified": "2024-11-21T05:55:14.307",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.253",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-788"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

FKIE_CVE-2021-27384

Vulnerability from fkie_nvd - Published: 2021-05-12 14:15 - Updated: 2024-11-21 05:57
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdfPatch, Vendor Advisory
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfPatch, Vendor Advisory
productcert@siemens.comhttps://us-cert.cisa.gov/ics/advisories/icsa-21-131-11Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdfPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens sinamics_sh150_firmware *
siemens sinamics_sh150 -
siemens sinamics_sm150i_firmware *
siemens sinamics_sm150i -
siemens sinamics_gh150_firmware *
siemens sinamics_gh150 -
siemens sinamics_gl150_firmware *
siemens sinamics_gl150 -
siemens sinamics_gm150_firmware *
siemens sinamics_gm150 -
siemens sinamics_sl150_firmware *
siemens sinamics_sl150 -
siemens sinamics_sm120_firmware *
siemens sinamics_sm120 -
siemens sinamics_sm150_firmware *
siemens sinamics_sm150 -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F1FAFD2-1E4D-44F3-87A1-8A1380B980BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC7AA8D-9046-4111-A263-38343997F984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150i_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6067521-A21D-4B2A-AFB2-2E033F66B63E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A44DEAD8-8DB8-41CC-9495-B842BE76EA8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BF9157D-0089-4569-9AA1-4DEE94140D25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF977545-395A-4C34-BB22-A1047B5B6E85",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D780400-0AA8-449C-B754-7167CA878D3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED7F33B-D475-4232-8683-48554A6729F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61CD50EE-6C46-445E-8D46-82768CAAC305",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD76CFB0-B5D7-40DC-8D14-FC9C9BACF3CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E032554B-7F51-4482-AF55-743FFB5AC352",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6619B0F-7CDC-40A6-89B2-C6067AF45214",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE3048-EEB0-48A0-BED0-8647284B022B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444DD77F-DB65-4766-A89D-7A679B4CA1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B7E1DE-61B5-4CFC-8640-EB8029CD79D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE231E2-2B2B-407A-BF7A-9EA35F394229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4), SINAMICS GH150 (Todas las versiones anteriores), SINAMICS GL150 (with option X30) (Todas las versiones anteriores), SINAMICS GM150 (with option X30) (Todas las versiones anteriores), SINAMICS SH150 (Todas las versiones anteriores), SINAMICS SL150 (Todas las versiones anteriores), SINAMICS SM120 (Todas las versiones anteriores), SINAMICS SM150 (Todas las versiones anteriores), SINAMICS SM150i (Todas las versiones anteriores). SmartVNC tiene una vulnerabilidad de acceso a memoria fuera de l\u00edmites en el manejador de dise\u00f1o del dispositivo, representado por un flujo de datos binarios en el lado del cliente, que potencialmente puede resultar en la ejecuci\u00f3n de c\u00f3digo"
    }
  ],
  "id": "CVE-2021-27384",
  "lastModified": "2024-11-21T05:57:53.230",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.677",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-788"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2021-27385

Vulnerability from fkie_nvd - Published: 2021-05-12 14:15 - Updated: 2024-11-21 05:57
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdfVendor Advisory
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
productcert@siemens.comhttps://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens sinamics_sh150_firmware *
siemens sinamics_sh150 -
siemens sinamics_sm150i_firmware *
siemens sinamics_sm150i -
siemens sinamics_gh150_firmware *
siemens sinamics_gh150 -
siemens sinamics_gl150_firmware *
siemens sinamics_gl150 -
siemens sinamics_gm150_firmware *
siemens sinamics_gm150 -
siemens sinamics_sl150_firmware *
siemens sinamics_sl150 -
siemens sinamics_sm120_firmware *
siemens sinamics_sm120 -
siemens sinamics_sm150_firmware *
siemens sinamics_sm150 -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F1FAFD2-1E4D-44F3-87A1-8A1380B980BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC7AA8D-9046-4111-A263-38343997F984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150i_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6067521-A21D-4B2A-AFB2-2E033F66B63E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A44DEAD8-8DB8-41CC-9495-B842BE76EA8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BF9157D-0089-4569-9AA1-4DEE94140D25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF977545-395A-4C34-BB22-A1047B5B6E85",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D780400-0AA8-449C-B754-7167CA878D3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED7F33B-D475-4232-8683-48554A6729F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61CD50EE-6C46-445E-8D46-82768CAAC305",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD76CFB0-B5D7-40DC-8D14-FC9C9BACF3CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E032554B-7F51-4482-AF55-743FFB5AC352",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6619B0F-7CDC-40A6-89B2-C6067AF45214",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE3048-EEB0-48A0-BED0-8647284B022B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444DD77F-DB65-4766-A89D-7A679B4CA1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B7E1DE-61B5-4CFC-8640-EB8029CD79D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE231E2-2B2B-407A-BF7A-9EA35F394229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4), SINAMICS GH150 (Todas las versiones), SINAMICS GL150 (con opci\u00f3n X30) (Todas las versiones), SINAMICS GM150 (con opci\u00f3n X30) (Todas las versiones), SINAMICS SH150 (Todas las versiones), SINAMICS SL150 (Todas las versiones), SINAMICS SM120 (Todas las versiones), SINAMICS SM150 (Todas las versiones), SINAMICS SM150i (Todas las versiones). Un atacante remoto podr\u00eda enviar paquetes especialmente dise\u00f1ados al manejador de dise\u00f1o de dispositivos SmartVNC en el lado del cliente, lo que podr\u00eda influir en la cantidad de recursos consumidos y dar lugar a una condici\u00f3n de denegaci\u00f3n de servicio (bucle infinito)"
    }
  ],
  "id": "CVE-2021-27385",
  "lastModified": "2024-11-21T05:57:53.380",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.727",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-835"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2021-25662

Vulnerability from fkie_nvd - Published: 2021-05-12 14:15 - Updated: 2024-11-21 05:55
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
productcert@siemens.comhttps://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4). El cliente SmartVNC presenta un fallo al manejar una excepci\u00f3n apropiadamente si el proceso de ejecuci\u00f3n del programa es modificado despu\u00e9s de enviar un paquete desde el servidor, lo que podr\u00eda resultar en una condici\u00f3n de Denegaci\u00f3n de Servicio"
    }
  ],
  "id": "CVE-2021-25662",
  "lastModified": "2024-11-21T05:55:14.660",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.343",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2021-3449

Vulnerability from fkie_nvd - Published: 2021-03-25 15:15 - Updated: 2024-11-21 06:21
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
References
openssl-security@openssl.orghttp://www.openwall.com/lists/oss-security/2021/03/27/1Mailing List, Third Party Advisory
openssl-security@openssl.orghttp://www.openwall.com/lists/oss-security/2021/03/27/2Mailing List, Third Party Advisory
openssl-security@openssl.orghttp://www.openwall.com/lists/oss-security/2021/03/28/3Mailing List, Third Party Advisory
openssl-security@openssl.orghttp://www.openwall.com/lists/oss-security/2021/03/28/4Mailing List, Third Party Advisory
openssl-security@openssl.orghttps://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdfThird Party Advisory
openssl-security@openssl.orghttps://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdfPatch, Third Party Advisory
openssl-security@openssl.orghttps://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148
openssl-security@openssl.orghttps://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845Third Party Advisory
openssl-security@openssl.orghttps://kc.mcafee.com/corporate/index?page=content&id=SB10356Third Party Advisory
openssl-security@openssl.orghttps://lists.debian.org/debian-lts-announce/2021/08/msg00029.htmlMailing List, Third Party Advisory
openssl-security@openssl.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/
openssl-security@openssl.orghttps://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013Third Party Advisory
openssl-security@openssl.orghttps://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.ascThird Party Advisory
openssl-security@openssl.orghttps://security.gentoo.org/glsa/202103-03Third Party Advisory
openssl-security@openssl.orghttps://security.netapp.com/advisory/ntap-20210326-0006/Third Party Advisory
openssl-security@openssl.orghttps://security.netapp.com/advisory/ntap-20210513-0002/Third Party Advisory
openssl-security@openssl.orghttps://security.netapp.com/advisory/ntap-20240621-0006/
openssl-security@openssl.orghttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJdThird Party Advisory
openssl-security@openssl.orghttps://www.debian.org/security/2021/dsa-4875Third Party Advisory
openssl-security@openssl.orghttps://www.openssl.org/news/secadv/20210325.txtVendor Advisory
openssl-security@openssl.orghttps://www.oracle.com//security-alerts/cpujul2021.htmlPatch, Third Party Advisory
openssl-security@openssl.orghttps://www.oracle.com/security-alerts/cpuApr2021.htmlPatch, Third Party Advisory
openssl-security@openssl.orghttps://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
openssl-security@openssl.orghttps://www.oracle.com/security-alerts/cpujul2022.htmlThird Party Advisory
openssl-security@openssl.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlThird Party Advisory
openssl-security@openssl.orghttps://www.tenable.com/security/tns-2021-05Third Party Advisory
openssl-security@openssl.orghttps://www.tenable.com/security/tns-2021-06Third Party Advisory
openssl-security@openssl.orghttps://www.tenable.com/security/tns-2021-09Third Party Advisory
openssl-security@openssl.orghttps://www.tenable.com/security/tns-2021-10Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/03/27/1Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/03/27/2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/03/28/3Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/03/28/4Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdfThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdfPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148
af854a3a-2127-422b-91ae-364da2661108https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://kc.mcafee.com/corporate/index?page=content&id=SB10356Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2021/08/msg00029.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/
af854a3a-2127-422b-91ae-364da2661108https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.ascThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/202103-03Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20210326-0006/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20210513-0002/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20240621-0006/
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJdThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2021/dsa-4875Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.openssl.org/news/secadv/20210325.txtVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com//security-alerts/cpujul2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuApr2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujul2022.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.tenable.com/security/tns-2021-05Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.tenable.com/security/tns-2021-06Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.tenable.com/security/tns-2021-09Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.tenable.com/security/tns-2021-10Third Party Advisory
Impacted products
Vendor Product Version
openssl openssl *
debian debian_linux 9.0
debian debian_linux 10.0
freebsd freebsd 12.2
freebsd freebsd 12.2
freebsd freebsd 12.2
netapp active_iq_unified_manager -
netapp cloud_volumes_ontap_mediator -
netapp e-series_performance_analyzer -
netapp oncommand_insight -
netapp oncommand_workflow_automation -
netapp ontap_select_deploy_administration_utility -
netapp santricity_smi-s_provider -
netapp snapcenter -
netapp storagegrid -
tenable log_correlation_engine *
tenable nessus *
tenable nessus_network_monitor 5.11.0
tenable nessus_network_monitor 5.11.1
tenable nessus_network_monitor 5.12.0
tenable nessus_network_monitor 5.12.1
tenable nessus_network_monitor 5.13.0
tenable tenable.sc *
fedoraproject fedora 34
mcafee web_gateway 8.2.19
mcafee web_gateway 9.2.10
mcafee web_gateway 10.1.1
mcafee web_gateway_cloud_service 8.2.19
mcafee web_gateway_cloud_service 9.2.10
mcafee web_gateway_cloud_service 10.1.1
checkpoint quantum_security_management_firmware r80.40
checkpoint quantum_security_management_firmware r81
checkpoint quantum_security_management -
checkpoint multi-domain_management_firmware r80.40
checkpoint multi-domain_management_firmware r81
checkpoint multi-domain_management -
checkpoint quantum_security_gateway_firmware r80.40
checkpoint quantum_security_gateway_firmware r81
checkpoint quantum_security_gateway -
oracle communications_communications_policy_management 12.6.0.0.0
oracle enterprise_manager_for_storage_management 13.4.0.0
oracle essbase 21.2
oracle graalvm 19.3.5
oracle graalvm 20.3.1.2
oracle graalvm 21.0.0.2
oracle jd_edwards_enterpriseone_tools *
oracle jd_edwards_world_security a9.4
oracle mysql_connectors *
oracle mysql_server *
oracle mysql_server *
oracle mysql_workbench *
oracle peoplesoft_enterprise_peopletools 8.57
oracle peoplesoft_enterprise_peopletools 8.58
oracle peoplesoft_enterprise_peopletools 8.59
oracle primavera_unifier *
oracle primavera_unifier 19.12
oracle primavera_unifier 20.12
oracle primavera_unifier 21.12
oracle secure_backup *
oracle secure_global_desktop 5.6
oracle zfs_storage_appliance_kit 8.8
sonicwall sma100_firmware *
sonicwall sma100 -
sonicwall capture_client 3.5
sonicwall sonicos 7.0.1.0
siemens ruggedcom_rcm1224_firmware *
siemens ruggedcom_rcm1224 -
siemens scalance_lpe9403_firmware *
siemens scalance_lpe9403 -
siemens scalance_m-800_firmware *
siemens scalance_m-800 -
siemens scalance_s602_firmware *
siemens scalance_s602 -
siemens scalance_s612_firmware *
siemens scalance_s612 -
siemens scalance_s615_firmware *
siemens scalance_s615 -
siemens scalance_s623_firmware *
siemens scalance_s623 -
siemens scalance_s627-2m_firmware *
siemens scalance_s627-2m -
siemens scalance_sc-600_firmware *
siemens scalance_sc-600 -
siemens scalance_w700_firmware *
siemens scalance_w700 -
siemens scalance_w1700_firmware *
siemens scalance_w1700 -
siemens scalance_xb-200_firmware *
siemens scalance_xb-200 -
siemens scalance_xc-200_firmware *
siemens scalance_xc-200 -
siemens scalance_xf-200ba_firmware *
siemens scalance_xf-200ba -
siemens scalance_xm-400_firmware *
siemens scalance_xm-400 -
siemens scalance_xp-200_firmware *
siemens scalance_xp-200 -
siemens scalance_xr-300wg_firmware *
siemens scalance_xr-300wg -
siemens scalance_xr524-8c_firmware *
siemens scalance_xr524-8c -
siemens scalance_xr526-8c_firmware *
siemens scalance_xr526-8c -
siemens scalance_xr528-6m_firmware *
siemens scalance_xr528-6m -
siemens scalance_xr552-12_firmware *
siemens scalance_xr552-12 -
siemens simatic_cloud_connect_7_firmware *
siemens simatic_cloud_connect_7_firmware -
siemens simatic_cloud_connect_7 -
siemens simatic_cp_1242-7_gprs_v2_firmware *
siemens simatic_cp_1242-7_gprs_v2_firmware -
siemens simatic_cp_1242-7_gprs_v2 -
siemens simatic_hmi_basic_panels_2nd_generation_firmware *
siemens simatic_hmi_basic_panels_2nd_generation -
siemens simatic_hmi_comfort_outdoor_panels_firmware *
siemens simatic_hmi_comfort_outdoor_panels -
siemens simatic_hmi_ktp_mobile_panels_firmware *
siemens simatic_hmi_ktp_mobile_panels -
siemens simatic_mv500_firmware *
siemens simatic_mv500 -
siemens simatic_net_cp_1243-1_firmware *
siemens simatic_net_cp_1243-1 -
siemens simatic_net_cp1243-7_lte_eu_firmware *
siemens simatic_net_cp1243-7_lte_eu -
siemens simatic_net_cp1243-7_lte_us_firmware *
siemens simatic_net_cp1243-7_lte_us -
siemens simatic_net_cp_1243-8_irc_firmware *
siemens simatic_net_cp_1243-8_irc -
siemens simatic_net_cp_1542sp-1_irc_firmware *
siemens simatic_net_cp_1542sp-1_irc -
siemens simatic_net_cp_1543-1_firmware *
siemens simatic_net_cp_1543-1 -
siemens simatic_net_cp_1543sp-1_firmware *
siemens simatic_net_cp_1543sp-1 -
siemens simatic_net_cp_1545-1_firmware *
siemens simatic_net_cp_1545-1 -
siemens simatic_pcs_7_telecontrol_firmware *
siemens simatic_pcs_7_telecontrol -
siemens simatic_pcs_neo_firmware *
siemens simatic_pcs_neo -
siemens simatic_pdm_firmware *
siemens simatic_pdm -
siemens simatic_process_historian_opc_ua_server_firmware *
siemens simatic_process_historian_opc_ua_server -
siemens simatic_rf166c_firmware *
siemens simatic_rf166c -
siemens simatic_rf185c_firmware *
siemens simatic_rf185c -
siemens simatic_rf186c_firmware *
siemens simatic_rf186c -
siemens simatic_rf186ci_firmware *
siemens simatic_rf186ci -
siemens simatic_rf188c_firmware *
siemens simatic_rf188c -
siemens simatic_rf188ci_firmware *
siemens simatic_rf188ci -
siemens simatic_rf360r_firmware *
siemens simatic_rf360r -
siemens simatic_s7-1200_cpu_1211c_firmware *
siemens simatic_s7-1200_cpu_1211c -
siemens simatic_s7-1200_cpu_1212c_firmware *
siemens simatic_s7-1200_cpu_1212c -
siemens simatic_s7-1200_cpu_1212fc_firmware *
siemens simatic_s7-1200_cpu_1212fc -
siemens simatic_s7-1200_cpu_1214_fc_firmware *
siemens simatic_s7-1200_cpu_1214_fc -
siemens simatic_s7-1200_cpu_1214c_firmware *
siemens simatic_s7-1200_cpu_1214c -
siemens simatic_s7-1200_cpu_1214_fc_firmware *
siemens simatic_s7-1200_cpu_1214_fc -
siemens simatic_s7-1200_cpu_1215_fc_firmware *
siemens simatic_s7-1200_cpu_1215_fc -
siemens simatic_s7-1200_cpu_1215c_firmware *
siemens simatic_s7-1200_cpu_1215c -
siemens simatic_s7-1200_cpu_1217c_firmware *
siemens simatic_s7-1200_cpu_1217c -
siemens simatic_s7-1500_cpu_1518-4_pn\/dp_mfp_firmware *
siemens simatic_s7-1500_cpu_1518-4_pn\/dp_mfp -
siemens sinamics_connect_300_firmware *
siemens sinamics_connect_300 -
siemens tim_1531_irc_firmware *
siemens tim_1531_irc -
siemens simatic_logon *
siemens simatic_logon 1.5
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_telecontrol -
siemens sinec_nms 1.0
siemens sinec_nms 1.0
siemens sinec_pni -
siemens sinema_server 14.0
siemens sinema_server 14.0
siemens sinema_server 14.0
siemens sinema_server 14.0
siemens sinema_server 14.0
siemens sinumerik_opc_ua_server *
siemens tia_administrator *
siemens sinec_infrastructure_network_services *
nodejs node.js *
nodejs node.js *
nodejs node.js *
nodejs node.js *
nodejs node.js *
nodejs node.js *
nodejs node.js *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B213E696-A6D9-45E7-B4E4-E4CFE54ECEB8",
              "versionEndExcluding": "1.1.1k",
              "versionStartIncluding": "1.1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:12.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "73D9C08B-8F5B-40C4-A5BD-B00D2E4C012D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p1:*:*:*:*:*:*",
              "matchCriteriaId": "62A178A3-6A52-4981-9A27-FB07AD8AF778",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p2:*:*:*:*:*:*",
              "matchCriteriaId": "54A487B1-E5CE-4C76-87E8-518D24C5D86D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
              "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:cloud_volumes_ontap_mediator:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "280AA828-6FA9-4260-8EC1-019423B966E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24B8DB06-590A-4008-B0AB-FCD1401C77C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "361B791A-D336-4431-8F68-8135BEFFAEA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ADFF451-740F-4DBA-BD23-3881945D3E40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4ACF85D6-6B45-43DA-9C01-F0208186F014",
              "versionEndExcluding": "6.0.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AC12300-9051-4C70-9941-9FE5E64B4B30",
              "versionEndIncluding": "8.13.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "657682A0-54D5-4DC6-A98E-8BAF685926C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FC5C76C-3474-4B26-8CF0-2DFAFA3D5458",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8661D361-71B5-4C41-A818-C89EC551D900",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "253603DC-2D92-442A-B3A8-A63E14D8A070",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E112CFF-31F9-4D87-9A1B-AE0FCF69615E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC1721B5-9FCD-47C3-8338-E02932CF2C05",
              "versionEndIncluding": "5.17.0",
              "versionStartIncluding": "5.13.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
              "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mcafee:web_gateway:8.2.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEA7F1FD-9FAB-4654-98B0-4588EEC8B69A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mcafee:web_gateway:9.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "868B2C4B-CE6B-41DA-A373-7D4FA51EFE9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mcafee:web_gateway:10.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "550F47A2-3393-481E-BC40-CE606BFA8776",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mcafee:web_gateway_cloud_service:8.2.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "43392D27-6C07-41C7-A17F-10C433338CE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mcafee:web_gateway_cloud_service:9.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FBF6C4C-195F-49A7-861D-52677D9BE58D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mcafee:web_gateway_cloud_service:10.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "90732D53-E802-4E1B-B6C8-B1FDCE7905A4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:checkpoint:quantum_security_management_firmware:r80.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A98B128A-C58E-48EC-B691-AF73126A0822",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:checkpoint:quantum_security_management_firmware:r81:*:*:*:*:*:*:*",
              "matchCriteriaId": "345B990F-C1C4-440B-804E-0A2882FE7C01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:checkpoint:quantum_security_management:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08601413-25E2-4977-B67A-C11A9D788EA8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:checkpoint:multi-domain_management_firmware:r80.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFC067CC-EB90-43F5-9674-089D5C611573",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:checkpoint:multi-domain_management_firmware:r81:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B223A7-1039-445D-ABE1-5E481004D956",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:checkpoint:multi-domain_management:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1584E1B4-412C-40E2-BF07-4E464692F2AE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r80.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0002A29-8B42-445D-9EC4-58BC93194241",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r81:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B0EDB21-9305-4601-AB96-A77BD00F311D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9016DDF6-285C-4E64-88D0-29ECCEF048F8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:communications_communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "570DB369-A31B-4108-A7FD-09F674129603",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "61516569-C48F-4362-B334-8CA10EDB0EC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:essbase:21.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "394A16F2-CCD4-44E5-BF6B-E0C782A9FA38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:graalvm:19.3.5:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "058C7C4B-D692-49DE-924A-C2725A8162D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:graalvm:20.3.1.2:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "0F0434A5-F2A1-4973-917C-A95F2ABE97D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:graalvm:21.0.0.2:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "96DD93E0-274E-4C36-99F3-EEF085E57655",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86305E47-33E9-411C-B932-08C395C09982",
              "versionEndExcluding": "9.2.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B1CAD50-749F-4ADB-A046-BF3585677A58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8782A14-89B0-45EE-A5CB-FF715F5BA379",
              "versionEndIncluding": "8.0.23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C40ECC8-933B-47A4-8082-FCF0EF9C973E",
              "versionEndIncluding": "5.7.33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32714AD7-BCD1-4624-9923-5E6D927CF3CB",
              "versionEndIncluding": "8.0.23",
              "versionStartIncluding": "8.0.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1A94E1-A6C6-488D-A74C-6C0B24637272",
              "versionEndIncluding": "8.0.23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E1E416B-920B-49A0-9523-382898C2979D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8AF00C6-B97F-414D-A8DF-057E6BFD8597",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FA59A8-6A62-4B33-8952-D6E658F8DAC9",
              "versionEndIncluding": "17.12",
              "versionStartIncluding": "17.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "10864586-270E-4ACF-BDCC-ECFCD299305F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "38340E3C-C452-4370-86D4-355B6B4E0A06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9C55C69-E22E-4B80-9371-5CD821D79FE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C01E8B82-71C7-4A4A-A70A-7B147524AB4A",
              "versionEndExcluding": "18.1.0.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:secure_global_desktop:5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DA11710-9EA8-49B4-8FD1-3AEE442F6ADC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sonicwall:sma100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E8B6D50-D482-43E9-A20D-FA77FD59AE2D",
              "versionEndExcluding": "10.2.1.0-17sv",
              "versionStartIncluding": "10.2.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sonicwall:sma100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4A2B7B-40F5-4AE0-ACC7-E94B82435DBA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sonicwall:capture_client:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "349EB4AE-65E3-42DC-8F9C-3A1A155324D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sonicwall:sonicos:7.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BD8688A-2D55-4A7E-A143-1BD0FCF957B0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_rcm1224_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5081E52B-E7C0-46BD-B1D0-2C70ABCC8831",
              "versionStartIncluding": "6.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom_rcm1224:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3747CDD7-E833-4B68-A362-77D6A2E9D888",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_lpe9403_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "058D21EA-E94C-4DDC-AD92-967DAC934457",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52A77C9D-E59C-4397-B834-797D7B334A6B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "424CD8EA-D8CB-40C7-8E0F-AC4B05C59C99",
              "versionStartIncluding": "6.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB9921A-5204-40A3-88AB-B7755F5C6875",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s602_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "858B6A84-5D0E-4E23-AE32-A45B51BAC8CF",
              "versionStartIncluding": "4.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s602:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4D89D82-C2CE-44DC-A05B-B956F20BF4E3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s612_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D173626B-9C50-489F-8BA4-1C45E5F96526",
              "versionStartIncluding": "4.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s612:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA7B48D2-0D17-420D-AAE1-35E5C0BE2924",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E967F5FC-6F3E-4982-8813-CA1DAF3BE165",
              "versionStartIncluding": "6.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s623_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F315D8-0B26-4442-B330-85124017A482",
              "versionStartIncluding": "4.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s623:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F80D9A79-7984-462B-B4B9-6A4429422038",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s627-2m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F20F735-7A70-4A24-9621-786F99C8F87D",
              "versionStartIncluding": "4.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s627-2m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B51B40F8-71D2-4D2D-8EC2-CE154A6D7533",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_sc-600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "973B8030-B630-4D67-B897-25A359A96185",
              "versionStartIncluding": "2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_sc-600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "725C671B-D7A0-48CF-8A31-5F9C4173F1DD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_w700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86EA8E3F-81BD-47BC-9834-A9B69CA7E70C",
              "versionStartIncluding": "6.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3033B1E-57A6-4AE3-A861-7047CF8EAD79",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_w1700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE116AD9-B55F-41C8-8B55-329809DB63E1",
              "versionStartIncluding": "2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_w1700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D9A73DD-4A21-4096-B4B6-A0A825E71006",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "144CDF5E-7E07-428B-B4DF-C94992B3A44A",
              "versionEndExcluding": "4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CB3CC2D-CBF0-4F53-A412-01BBC39E34C2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "339FFBDF-6957-481F-84CE-878B5CAAD9C8",
              "versionEndExcluding": "4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7719E194-EE3D-4CE8-8C85-CF0D82A553AA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FBB13D3-4E04-4D01-B880-C16C4FFA240B",
              "versionEndExcluding": "4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58377C58-F660-4C17-A3CB-BFC2F28848CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xm-400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E40058B3-3726-4F6A-AB41-7679487639F2",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xm-400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "798E900F-5EF9-4B39-B8C2-79FAE659E7F5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E642D10-E701-44DF-863B-D0DAA5530F50",
              "versionEndExcluding": "4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F962FC7-0616-467F-8CCA-ADEA224B5F7B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A53C2B5-A3FD-44CC-A78B-D2124EF37DB4",
              "versionEndExcluding": "4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "434BC9BE-C5DB-4DAF-8E07-DFE4EEA0D7FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xr524-8c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54FBE4D4-F31E-4B61-9216-44C8EC2988AB",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xr524-8c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0E6B7D8-3F9E-43D6-AEFE-DEE3993679C5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xr526-8c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20511D61-FC1D-453E-BDF6-D3FB9951192A",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xr526-8c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67661569-6233-4C74-9C72-88BD14B257FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xr528-6m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "640AC619-B516-46FC-821B-09C4542A3FD6",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xr528-6m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E048C4A-A414-4C87-A865-4D4218AE32EE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xr552-12_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FB979DB-731B-4693-A9F8-B11ED953717C",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xr552-12:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09743616-31C9-4E47-8A4A-B15D76204BE7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_cloud_connect_7_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "886D2FE6-B054-4E3B-BACB-F08C0A119A80",
              "versionStartIncluding": "1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_cloud_connect_7_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B185B70-CAC9-47AC-8639-7A4707C21540",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_cloud_connect_7:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FA78457-260C-467B-9785-04B3C8EDF3B3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_cp_1242-7_gprs_v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABEA3BEE-E7AF-4C9A-ADE4-CE7FC1DB7639",
              "versionStartIncluding": "3.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_cp_1242-7_gprs_v2_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "049460B8-6186-44F9-B41F-284A2EC0B3B4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_cp_1242-7_gprs_v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "205482DA-548C-4757-91F0-1599438873BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_basic_panels_2nd_generation_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45208694-635A-42AC-B668-8B67C60568B8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_basic_panels_2nd_generation:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8F8BCE-35CE-492A-8BFE-2C36EA51CE5C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4C147D9-4649-4289-B18B-55BD6E33521A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54EFA8B5-8DA1-4547-9E15-BDC265C56006",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1CEB200-E38F-4629-9279-5AF065396678",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_mv500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE4FA1E6-4C5A-4CDC-AD40-E384C0BCA90D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_mv500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93A5B50E-0316-4189-8F41-54732CFCF63F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1243-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D254DA1D-C53E-426B-9C69-580CC47CF0AA",
              "versionStartIncluding": "3.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1243-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65278BA0-3C81-4D81-9801-D7BE3A1D7680",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C06A02ED-0BA3-4A2C-AF0C-689B8AEB34B8",
              "versionStartIncluding": "3.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp1243-7_lte_eu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "209C7B1E-10F6-4215-AF69-CC36192E0FCE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp1243-7_lte_us_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF8C00EE-1154-440C-A223-A2CE99CE3126",
              "versionStartIncluding": "3.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp1243-7_lte_us:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "171A9543-E677-422F-8AEA-1BC2D0E53593",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB201DD3-8890-453E-A11E-1E13B3DAB3F9",
              "versionStartIncluding": "3.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1243-8_irc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "350FD323-C876-4C7A-A2E7-4B0660C87F6C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61E498B1-87FF-454B-8DF0-61D0D3208491",
              "versionStartIncluding": "2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1542sp-1_irc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1EE2F10-A7A6-486F-AE5C-53AE25BAF200",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90FB801F-11B5-438C-98A1-E928BFEA2ADB",
              "versionEndExcluding": "3.0",
              "versionStartIncluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1543-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F56C2BDC-928E-491A-8E7C-F976B3787C7A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4BA1E6-64F7-4B96-8302-134057DAB1BE",
              "versionStartIncluding": "2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1543sp-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "783B50B8-2FB7-4982-88AA-B4F2AD094796",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1545-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DCA9544-DD17-4F56-B34C-91A3F37154AF",
              "versionStartIncluding": "1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1545-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1256EB4B-DD8A-4F99-AE69-F74E8F789C63",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_pcs_7_telecontrol_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C25165E-EDE9-42F1-A3B9-0E47630D49CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_pcs_7_telecontrol:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF281FB-26E0-43E4-A2B6-4015661368AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_pcs_neo_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEACFC9-41B7-4EE0-9427-692363880326",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_pcs_neo:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF3CA343-CA2A-4593-930C-158612CE7A55",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_pdm_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E9AE23E-7DAE-4191-BA4E-A7CD655C4BC8",
              "versionStartIncluding": "9.1.0.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_pdm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E092B735-42D5-48D5-947B-288C0FA2E180",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_process_historian_opc_ua_server_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D874D636-392A-4750-B976-F411DBCEBA8D",
              "versionStartIncluding": "2019",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_process_historian_opc_ua_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "14EC9343-7778-40B0-A74D-5C156FF2A229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "968FBB4E-5B0B-43D4-B3AD-418028093990",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5212F097-B65A-4D73-BB6F-49687F8AD980",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D806113B-57EB-4AA0-9D5E-12E30337A93B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53FA50A7-2DF6-454E-8A8E-838C392AB417",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F3D41E9-58B3-4251-8710-A8C4A24ABBD3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC628CB7-0816-4267-9C5D-954BD0233D2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E64167-16AA-48D7-BCDC-B15D37FA666D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1211c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "47F1294A-1C26-4D43-9C53-D833F2510536",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1211c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3871C0C9-C65E-4E0B-9CA8-75E60066297F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AF60081-D534-44F5-972F-23257F16F372",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07849777-92E7-41D2-9128-F8D20DE15391",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212fc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEF1726E-B56F-4D39-AFF4-E79A3CA00DE6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212fc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68B3573B-A31E-4489-B2DD-B01B5C1D03CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214_fc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CC4A9F7-9858-4F95-8097-F8D09DA61314",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214_fc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B640800C-9263-4BEA-9DA5-1323932540BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4948734A-0AAD-4D28-B7FF-FFBBB9AA39C6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE17584A-BF7A-48B8-A9CB-477663766C63",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214_fc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CC4A9F7-9858-4F95-8097-F8D09DA61314",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214_fc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B640800C-9263-4BEA-9DA5-1323932540BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1215_fc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EE37798-B068-40E5-BC03-1D8D303E5926",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215_fc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C7D55C-8D99-4E2F-A254-1BDE2B12A203",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1215c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E0C491C-5C4A-4F1C-ABD4-9502A54AAA78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC4698CF-F935-4707-BA91-7E3650C7956C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1217c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7657063-1296-4734-B108-A2FF7A01B07F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1217c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "232279DE-CF1C-4A3C-886D-B4CE3F104F09",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn\\/dp_mfp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C477CCD-06C7-4907-8B0C-4FCE7F6DADAD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\\/dp_mfp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BC4FA01-8DDB-41E4-B759-7B504F78AEBC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_connect_300_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3360ACCE-E735-4E34-B278-0D4460E74CBF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_connect_300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B854F5B-78C7-41FE-9364-5E71B36342A3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B20D95-C4B3-4D13-A3D8-F22AC42DC059",
              "versionEndExcluding": "2.2",
              "versionStartIncluding": "2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D94BEB-BBFB-4258-9835-87DBBB999239",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_logon:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6F24E40-F3F0-48F3-B3DC-5F98B0564F7A",
              "versionStartIncluding": "1.6.0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_logon:1.5:sp3_update_1:*:*:*:*:*:*",
              "matchCriteriaId": "423359E5-9C36-4C6B-AB24-B030E6C61D53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79EE15DC-74D3-4551-AAD0-EA0CB600DA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_telecontrol:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3169FD3-CBA2-417C-95EF-4F8AE9FAB5AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinec_nms:1.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "4ED13FC8-63C0-42C6-A51C-C480C45327C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinec_nms:1.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "E68FE047-8F53-46B8-82D4-9342B1C8CA55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinec_pni:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1353DC31-FB12-427A-B1B2-9164A4BEE14B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinema_server:14.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "B0A5CC25-A323-4D49-8989-5A417D12D646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinema_server:14.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "A690BCD3-6497-43F7-8A51-E033B9121DC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinema_server:14.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "AA375D44-ECC5-4BD3-A3D5-6D2AA68782D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinema_server:14.0:sp2_update1:*:*:*:*:*:*",
              "matchCriteriaId": "6CD26C73-B61F-424B-91C2-352E2CAE6666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinema_server:14.0:sp2_update2:*:*:*:*:*:*",
              "matchCriteriaId": "DB4EA15F-ECA4-477F-948F-490FC90BC66A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinumerik_opc_ua_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABA14E65-214C-431D-A49A-D8FC142D4541",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:tia_administrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "915B09CB-CA0A-445B-89D3-16AE9B08858E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0F46497-4AB0-49A7-9453-CC26837BF253",
              "versionEndExcluding": "1.0.1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "25A3180B-21AF-4010-9DAB-41ADFD2D8031",
              "versionEndIncluding": "10.12.0",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
              "matchCriteriaId": "43B199B4-D89C-483D-ACAE-6CB2A59EE67C",
              "versionEndIncluding": "10.24.0",
              "versionStartIncluding": "10.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "564ED5C8-50D7-413A-B88E-E62B6C07336A",
              "versionEndIncluding": "12.12.0",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
              "matchCriteriaId": "3DEBF7C8-B000-47B9-B597-DC440F2603B3",
              "versionEndExcluding": "12.22.1",
              "versionStartIncluding": "12.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "428DCD7B-6F66-4F18-B780-5BD80143D482",
              "versionEndIncluding": "14.14.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
              "matchCriteriaId": "380D03F3-6A7E-43A2-B002-FB2521FD3C58",
              "versionEndExcluding": "14.16.1",
              "versionStartIncluding": "14.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "3ED4D313-F372-4CC1-BE11-6BBA2F0E90E3",
              "versionEndExcluding": "15.14.0",
              "versionStartIncluding": "15.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)."
    },
    {
      "lang": "es",
      "value": "Un servidor OpenSSL TLS puede cometer un fallo si un cliente env\u00eda un mensaje ClientHello de renegociaci\u00f3n dise\u00f1ado maliciosamente.\u0026#xa0;Si una renegociaci\u00f3n de TLSv1.2 ClientHello omite la extensi\u00f3n signature_algorithms (donde estaba presente en el ClientHello inicial), pero incluye una extensi\u00f3n signature_algorithms_cert, se producir\u00e1 una desreferencia del puntero NULL, lo que conllevar\u00e1 un bloqueo y un ataque de denegaci\u00f3n de servicio.\u0026#xa0;Un servidor solo es vulnerable si tiene TLSv1.2 y la renegociaci\u00f3n habilitada (que es la configuraci\u00f3n predeterminada).\u0026#xa0;Los clientes de OpenSSL TLS no est\u00e1n afectados por este problema.\u0026#xa0;Todas las versiones de OpenSSL versi\u00f3n 1.1.1 est\u00e1n afectadas por este problema.\u0026#xa0;Los usuarios de estas versiones deben actualizar a OpenSSL versi\u00f3n 1.1.1k.\u0026#xa0;OpenSSL versi\u00f3n 1.0.2 no est\u00e1 afectado por este problema.\u0026#xa0;Corregido en OpenSSL versi\u00f3n 1.1.1k (Afectadas versiones 1.1.1-1.1.1j)"
    }
  ],
  "id": "CVE-2021-3449",
  "lastModified": "2024-11-21T06:21:33.050",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-03-25T15:15:13.450",
  "references": [
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
    },
    {
      "source": "openssl-security@openssl.org",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
    },
    {
      "source": "openssl-security@openssl.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202103-03"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
    },
    {
      "source": "openssl-security@openssl.org",
      "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2021/dsa-4875"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.openssl.org/news/secadv/20210325.txt"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-05"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-06"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-09"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202103-03"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2021/dsa-4875"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.openssl.org/news/secadv/20210325.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-05"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-06"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-09"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-10"
    }
  ],
  "sourceIdentifier": "openssl-security@openssl.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2020-7592

Vulnerability from fkie_nvd - Published: 2020-07-14 14:15 - Updated: 2024-11-21 05:37
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability has been identified in SIMATIC HMI Basic Panels 1st Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC HMI KTP700F Mobile Arctic (All versions), SIMATIC HMI Mobile Panels 2nd Generation (All versions), SIMATIC WinCC Runtime Advanced (All versions). Unencrypted communication between the configuration software and the respective device could allow an attacker to capture potential plain text communication and have access to sensitive information.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-364335.pdfVendor Advisory
productcert@siemens.comhttps://us-cert.cisa.gov/ics/advisories/icsa-20-196-04Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-364335.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://us-cert.cisa.gov/ics/advisories/icsa-20-196-04Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
siemens simatic_hmi_basic_panels_1st_generation *
siemens simatic_hmi_basic_panels_2nd_generation *
siemens simatic_wincc_runtime_advanced *
siemens simatic_hmi_comfort_panels_firmware *
siemens simatic_hmi_comfort_panels -
siemens simatic_hmi_ktp700f_mobile_arctic_firmware *
siemens simatic_hmi_ktp700f_mobile_arctic -
siemens simatic_hmi_mobile_panels_2nd_generation_firmware *
siemens simatic_hmi_mobile_panels_2nd_generation -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_hmi_basic_panels_1st_generation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF9AA1D8-BDF6-40EC-8D04-49C5EAB39431",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_hmi_basic_panels_2nd_generation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E561873-49B4-4D85-8D40-9D33CEE7E7CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79EE15DC-74D3-4551-AAD0-EA0CB600DA76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C98A381-02D5-460E-8849-63F4576BC52C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BCFE761-35C9-43EF-85BC-E8083B9F75CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp700f_mobile_arctic_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAC6E895-5577-4047-B7CC-95398563984D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp700f_mobile_arctic:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4631C615-B2A4-40C3-9D1A-A1AD3C64EC51",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_mobile_panels_2nd_generation_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "08693615-7A47-4062-A73D-7CDE359826F5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_mobile_panels_2nd_generation:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59D5490F-EACA-467F-89ED-988A45393EAC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Basic Panels 1st Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC HMI KTP700F Mobile Arctic (All versions), SIMATIC HMI Mobile Panels 2nd Generation (All versions), SIMATIC WinCC Runtime Advanced (All versions). Unencrypted communication between the configuration software and the respective device could allow an attacker to capture potential plain text communication and have access to sensitive information."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Basic Panels 1st Generation (incluyendo las variantes SIPLUS) (Todas las versiones), SIMATIC HMI Basic Panels 2nd Generation (incluyendo las variantes SIPLUS) (Todas las versiones), SIMATIC HMI Comfort Panels (incluyendo las variantes SIPLUS) (Todas las versiones), SIMATIC HMI KTP700F Mobile Arctic (Todas las versiones), SIMATIC HMI Mobile Panels 2nd Generation (Todas las versiones), SIMATIC WinCC Runtime Advanced (Todas las versiones). Una comunicaci\u00f3n no cifrada entre el software de configuraci\u00f3n y el dispositivo respectivo podr\u00eda permitir a un atacante capturar la comunicaci\u00f3n potencial de texto plano y tener acceso a informaci\u00f3n confidencial"
    }
  ],
  "id": "CVE-2020-7592",
  "lastModified": "2024-11-21T05:37:26.090",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 3.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-07-14T14:15:19.073",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-364335.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-196-04"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-364335.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-196-04"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-319"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-319"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2020-7580

Vulnerability from fkie_nvd - Published: 2020-06-10 17:15 - Updated: 2024-11-21 05:37
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdfVendor Advisory
productcert@siemens.comhttps://us-cert.cisa.gov/ics/advisories/icsa-20-161-04Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
siemens simatic_automatic_tool *
siemens simatic_net_pc *
siemens simatic_net_pc 16
siemens simatic_net_pc 16
siemens simatic_pcs_7 *
siemens simatic_pcs_neo *
siemens simatic_prosave *
siemens simatic_s7-1500_software_controller *
siemens simatic_step_7 *
siemens simatic_step_7 *
siemens simatic_step_7 5.6
siemens simatic_step_7 5.6
siemens simatic_step_7 5.6
siemens simatic_step_7 5.6
siemens simatic_wincc *
siemens simatic_wincc 7.4
siemens simatic_wincc 7.4
siemens simatic_wincc 7.4
siemens simatic_wincc 7.4
siemens simatic_wincc 7.4
siemens simatic_wincc 7.4
siemens simatic_wincc 7.4
siemens simatic_wincc 7.4
siemens simatic_wincc 7.4
siemens simatic_wincc 7.4
siemens simatic_wincc 7.4
siemens simatic_wincc 7.4
siemens simatic_wincc 7.4
siemens simatic_wincc 7.4
siemens simatic_wincc 7.4
siemens simatic_wincc 7.5
siemens simatic_wincc 7.5
siemens simatic_wincc 7.5
siemens simatic_wincc 7.5
siemens simatic_wincc_open_architecture 3.16
siemens simatic_wincc_open_architecture 3.17
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_professional *
siemens sinamics_startdrive *
siemens sinamics_starter_commissioning_tool *
siemens sinec_network_management_system *
siemens sinema_server *
siemens sinumerik_one_virtual *
siemens sinumerik_operate *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_automatic_tool:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A659B687-1038-42F5-B8AC-A394E41D22A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "744B5953-511F-42CA-80A0-DBE36A6AA144",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "496E3C43-5DA8-4983-8AC6-0F32454E22F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_net_pc:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "17BCC3CD-61D0-416D-A241-D35AF8EE5BF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E3BDF0-B691-4A97-A74A-A65EC910480E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D61D4B81-7F51-49BE-83DD-D2C28D23B0EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_prosave:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB7752CF-D754-4A78-999B-45FE379E03DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_s7-1500_software_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "658E1A3F-29D6-48D2-BCCE-0BCC41AC49F6",
              "versionEndExcluding": "21.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAF09D6E-3375-4731-B16D-30B7592EA5FB",
              "versionEndExcluding": "5.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A3CA33C-AFAB-418F-870F-0236B8E55943",
              "versionEndIncluding": "16",
              "versionStartIncluding": "13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_step_7:5.6:-:*:*:*:*:*:*",
              "matchCriteriaId": "851F8474-4568-487D-98FB-47DF7EAEAC3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_step_7:5.6:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "81EADA2F-884C-4D72-8489-71025B3EBAEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "78366D2F-B728-47F6-B539-5FB2D1B0419D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2_hotfix1:*:*:*:*:*:*",
              "matchCriteriaId": "06A86DA0-BC1F-4306-B02E-ED2FA36BE273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F39B396-140B-4005-9A61-F984C9FAF742",
              "versionEndExcluding": "7.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "3B0BD5DE-C6EF-4B89-831B-DA34DB0D68F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "2637C346-8AAF-481F-AFB0-BAD4254D14F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update1:*:*:*:*:*:*",
              "matchCriteriaId": "BF8404AB-579E-4C6B-BCA7-E95F2CE24F7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update10:*:*:*:*:*:*",
              "matchCriteriaId": "88F6B3BF-727F-432E-89D8-37FB7C76FE2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update11:*:*:*:*:*:*",
              "matchCriteriaId": "62EB588C-CBB4-4B17-9BB5-B14B1FC6BB21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update12:*:*:*:*:*:*",
              "matchCriteriaId": "AF3F613C-6707-4517-B4B8-530C912B79E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update13:*:*:*:*:*:*",
              "matchCriteriaId": "590F62CE-9245-4AC9-9FBC-35136E217B0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update2:*:*:*:*:*:*",
              "matchCriteriaId": "241D5A28-FB22-4C5B-A067-733168E847BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update3:*:*:*:*:*:*",
              "matchCriteriaId": "A5418F92-84A9-439C-B86C-ED5820697603",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update4:*:*:*:*:*:*",
              "matchCriteriaId": "40631FBD-116B-4589-B77A-6C5A69990F73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update5:*:*:*:*:*:*",
              "matchCriteriaId": "64B14972-6163-4D44-A9C6-16328E02AC69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update6:*:*:*:*:*:*",
              "matchCriteriaId": "8929E926-740F-4F17-B52C-4C73914B1818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update7:*:*:*:*:*:*",
              "matchCriteriaId": "D4F72666-D10A-4EB2-80D3-18B04C101256",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update8:*:*:*:*:*:*",
              "matchCriteriaId": "0E343221-1E1A-4EE7-80AE-AB24E2244BA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update9:*:*:*:*:*:*",
              "matchCriteriaId": "1BF716D7-0A77-400F-9B43-64FBE3E65735",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*",
              "matchCriteriaId": "E79DA14E-419C-49BA-8E4F-2907E1D8937F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "81F9C13C-065C-4E40-BB46-687D791348A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update1:*:*:*:*:*:*",
              "matchCriteriaId": "5CF06E69-0A23-418D-B0EC-574DACBB4DD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update2:*:*:*:*:*:*",
              "matchCriteriaId": "9164EAC1-C416-4F1F-A910-CE84A167A6D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_open_architecture:3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B9ED7EF-EF58-400F-92C9-3D52D8E39783",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_open_architecture:3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C3F9210-7A1E-4B10-B384-119FD5733A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79EE15DC-74D3-4551-AAD0-EA0CB600DA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C9253AD-BD82-4BB2-84AD-EB1892B60358",
              "versionEndIncluding": "16",
              "versionStartIncluding": "13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinamics_startdrive:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11DB09A-74E1-45EF-A162-9C1E91F54C04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinamics_starter_commissioning_tool:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1976CDDA-F2AF-4C47-804E-2C1DF44FBF41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinec_network_management_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "52F7076E-12F7-4F62-9804-18598C39D3FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinema_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C55DA617-6333-40DA-AB7D-EE49A453E143",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinumerik_one_virtual:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A607E4B7-2F58-4F68-91EB-16874986E92F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinumerik_operate:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAFC5C25-EC3C-4EB6-B5B2-478AE9CEF10F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC Automation Tool (All versions \u003c V4 SP2), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Upd3), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC ProSave (All versions \u003c V17), SIMATIC S7-1500 Software Controller (All versions \u003c V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMATIC STEP 7 V5 (All versions \u003c V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions \u003c V3.16 P018), SIMATIC WinCC OA V3.17 (All versions \u003c V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions \u003c V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions \u003c V16 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 3), SINAMICS STARTER (All Versions \u003c V5.4 HF2), SINAMICS Startdrive (All Versions \u003c V16 Update 3), SINEC NMS (All versions \u003c V1.0 SP2), SINEMA Server (All versions \u003c V14 SP3), SINUMERIK ONE virtual (All Versions \u003c V6.14), SINUMERIK Operate (All Versions \u003c V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC Automation Tool (Todas las versiones anteriores a la versi\u00f3n V4 SP2), SIMATIC NET PC Software V14 (Todas las versiones anteriores a la versi\u00f3n V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones), SIMATIC NET PC Software V16 (Todas las versiones anteriores a la versi\u00f3n V16 Upd3), SIMATIC PCS neo (Todas las versiones anteriores a la versi\u00f3n V3.0 SP1), SIMATIC ProSave (Todas las versiones anteriores a la versi\u00f3n V17), SIMATIC S7-1500 Software Controller (Todas las versiones anteriores a la versi\u00f3n V21. 8), SIMATIC STEP 7 (Todas las versiones anteriores a la versi\u00f3n V5.6 SP2 HF3), SIMATIC STEP 7 (TIA Portal) V13 (Todas las versiones anteriores a la versi\u00f3n V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (Todas las versiones anteriores a la versi\u00f3n V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (Todas las versiones anteriores a la versi\u00f3n V15. 1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (Todas las versiones anteriores a la versi\u00f3n V16 Update 2), SIMATIC WinCC OA V3.16 (Todas las versiones anteriores a la versi\u00f3n V3.16 P018), SIMATIC WinCC OA V3. 17 (Todas las versiones anteriores a la versi\u00f3n V3.17 P003), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a la versi\u00f3n V16 Update 2), SIMATIC WinCC Runtime Professional V13 (Todas las versiones anteriores a la versi\u00f3n V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (Todas las versiones anteriores a la versi\u00f3n V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (Todas las versiones anteriores a la versi\u00f3n V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (Todas las versiones anteriores a la versi\u00f3n V16 Update 2), SIMATIC WinCC V7. 4 (Todas las versiones anteriores a la versi\u00f3n V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (Todas las versiones anteriores a la versi\u00f3n V7.5 SP1 Update 3), SINAMICS STARTER (Todas las versiones anteriores a la versi\u00f3n V5.4 HF2), SINAMICS Startdrive (Todas las versiones anteriores a la versi\u00f3n V16 Update 3), SINEC NMS (Todas las versiones anteriores a la versi\u00f3n V1. 0 SP2), SINEMA Server (Todas las versiones anteriores a la versi\u00f3n V14 SP3), SINUMERIK ONE virtual (Todas las versiones anteriores a la versi\u00f3n V6.14), SINUMERIK Operate (Todas las versiones anteriores a la versi\u00f3n V6.14). Un componente dentro de la aplicaci\u00f3n afectada llama regularmente a un binario de ayuda con privilegios de SISTEMA mientras la ruta de llamada no est\u00e1 citada"
    }
  ],
  "id": "CVE-2020-7580",
  "lastModified": "2024-11-21T05:37:24.840",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-06-10T17:15:12.347",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-428"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-428"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

CVE-2021-27385 (GCVE-0-2021-27385)

Vulnerability from cvelistv5 – Published: 2021-05-12 13:18 – Updated: 2024-08-03 20:48
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition.
Severity ?
No CVSS data available.
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V15 Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V16 Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SINAMICS GH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GL150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GM150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SL150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM120 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150i Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.474Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:17",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27385",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400: Uncontrolled Resource Consumption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27385",
    "datePublished": "2021-05-12T13:18:23",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.474Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-27386 (GCVE-0-2021-27386)

Vulnerability from cvelistv5 – Published: 2021-05-12 13:18 – Updated: 2024-08-03 20:48
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V15 Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V16 Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SINAMICS GH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GL150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GM150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SL150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM120 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150i Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.446Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-401",
              "description": "CWE-401: Missing Release of Memory after Effective Lifetime",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:18",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27386",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-401: Missing Release of Memory after Effective Lifetime"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27386",
    "datePublished": "2021-05-12T13:18:23",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.446Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-25662 (GCVE-0-2021-25662)

Vulnerability from cvelistv5 – Published: 2021-05-12 13:18 – Updated: 2024-08-03 20:11
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-755 - Improper Handling of Exceptional Conditions
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.535Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755: Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:14",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-25662",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-755: Improper Handling of Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25662",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.535Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-27383 (GCVE-0-2021-27383)

Vulnerability from cvelistv5 – Published: 2021-05-12 13:18 – Updated: 2024-08-03 20:48
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V15 Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V16 Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SINAMICS GH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GL150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GM150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SL150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM120 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150i Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.589Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:15",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27383",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-770: Allocation of Resources Without Limits or Throttling"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27383",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.589Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-25660 (GCVE-0-2021-25660)

Vulnerability from cvelistv5 – Published: 2021-05-12 13:18 – Updated: 2024-08-03 20:11
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.734Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:11",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-25660",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-788: Access of Memory Location After End of Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25660",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.734Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-27384 (GCVE-0-2021-27384)

Vulnerability from cvelistv5 – Published: 2021-05-12 13:18 – Updated: 2024-08-03 20:48
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution.
Severity ?
No CVSS data available.
CWE
  • CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V15 Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V16 Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SINAMICS GH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GL150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GM150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SL150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM120 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150i Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.461Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:16",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27384",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-788: Access of Memory Location After End of Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27384",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.461Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-25661 (GCVE-0-2021-25661)

Vulnerability from cvelistv5 – Published: 2021-05-12 13:18 – Updated: 2024-08-03 20:11
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.591Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:12",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-25661",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-788: Access of Memory Location After End of Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25661",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.591Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-3449 (GCVE-0-2021-3449)

Vulnerability from cvelistv5 – Published: 2021-03-25 14:25 – Updated: 2024-09-17 03:43
VLAI?
Summary
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
Severity ?
No CVSS data available.
CWE
  • NULL pointer dereference
Assigner
References
https://www.openssl.org/news/secadv/20210325.txt
https://git.openssl.org/gitweb/?p=openssl.git%3Ba…
https://tools.cisco.com/security/center/content/C… vendor-advisory
https://www.debian.org/security/2021/dsa-4875 vendor-advisory
http://www.openwall.com/lists/oss-security/2021/03/27/1 mailing-list
http://www.openwall.com/lists/oss-security/2021/03/27/2 mailing-list
http://www.openwall.com/lists/oss-security/2021/03/28/3 mailing-list
http://www.openwall.com/lists/oss-security/2021/03/28/4 mailing-list
https://security.gentoo.org/glsa/202103-03 vendor-advisory
https://lists.fedoraproject.org/archives/list/pac… vendor-advisory
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.tenable.com/security/tns-2021-10
https://www.tenable.com/security/tns-2021-09
https://security.netapp.com/advisory/ntap-2021051…
https://security.netapp.com/advisory/ntap-2021032…
https://security.FreeBSD.org/advisories/FreeBSD-S…
https://www.tenable.com/security/tns-2021-06
https://www.tenable.com/security/tns-2021-05
https://kc.mcafee.com/corporate/index?page=conten…
https://www.oracle.com//security-alerts/cpujul2021.html
https://cert-portal.siemens.com/productcert/pdf/s…
https://kb.pulsesecure.net/articles/Pulse_Securit…
https://psirt.global.sonicwall.com/vuln-detail/SN…
https://lists.debian.org/debian-lts-announce/2021… mailing-list
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://cert-portal.siemens.com/productcert/pdf/s…
https://www.oracle.com/security-alerts/cpujul2022.html
https://security.netapp.com/advisory/ntap-2024062…
Impacted products
Vendor Product Version
OpenSSL OpenSSL Affected: Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)
Create a notification for this product.
Credits
Peter Kästle (Nokia) and Samuel Sapalski (Nokia)
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:53:17.609Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openssl.org/news/secadv/20210325.txt"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
          },
          {
            "name": "20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
          },
          {
            "name": "DSA-4875",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2021/dsa-4875"
          },
          {
            "name": "[oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
          },
          {
            "name": "[oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
          },
          {
            "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
          },
          {
            "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
          },
          {
            "name": "GLSA-202103-03",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202103-03"
          },
          {
            "name": "FEDORA-2021-cbf14ab8f9",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-09"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-06"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-05"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
          },
          {
            "name": "[debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Peter K\u00e4stle (Nokia) and Samuel Sapalski (Nokia)"
        }
      ],
      "datePublic": "2021-03-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "lang": "eng",
              "url": "https://www.openssl.org/policies/secpolicy.html#High",
              "value": "High"
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "NULL pointer dereference",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-21T19:05:57.096577",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "url": "https://www.openssl.org/news/secadv/20210325.txt"
        },
        {
          "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
        },
        {
          "name": "20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
        },
        {
          "name": "DSA-4875",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2021/dsa-4875"
        },
        {
          "name": "[oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
        },
        {
          "name": "[oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
        },
        {
          "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
        },
        {
          "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
        },
        {
          "name": "GLSA-202103-03",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202103-03"
        },
        {
          "name": "FEDORA-2021-cbf14ab8f9",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
        },
        {
          "url": "https://www.tenable.com/security/tns-2021-10"
        },
        {
          "url": "https://www.tenable.com/security/tns-2021-09"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
        },
        {
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
        },
        {
          "url": "https://www.tenable.com/security/tns-2021-06"
        },
        {
          "url": "https://www.tenable.com/security/tns-2021-05"
        },
        {
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
        },
        {
          "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
        },
        {
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
        },
        {
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
        },
        {
          "name": "[debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
        }
      ],
      "title": "NULL pointer deref in signature_algorithms processing"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2021-3449",
    "datePublished": "2021-03-25T14:25:13.659307Z",
    "dateReserved": "2021-03-17T00:00:00",
    "dateUpdated": "2024-09-17T03:43:55.497Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-7592 (GCVE-0-2020-7592)

Vulnerability from cvelistv5 – Published: 2020-07-14 13:18 – Updated: 2024-08-04 09:33
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Basic Panels 1st Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC HMI KTP700F Mobile Arctic (All versions), SIMATIC HMI Mobile Panels 2nd Generation (All versions), SIMATIC WinCC Runtime Advanced (All versions). Unencrypted communication between the configuration software and the respective device could allow an attacker to capture potential plain text communication and have access to sensitive information.
Severity ?
No CVSS data available.
CWE
  • CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
Impacted products
Vendor Product Version
Siemens AG SIMATIC HMI Basic Panels 1st Generation (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.896Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-364335.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-196-04"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Basic Panels 1st Generation (incl. SIPLUS variants)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels (incl. SIPLUS variants)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP700F Mobile Arctic",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Mobile Panels 2nd Generation",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Basic Panels 1st Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC HMI KTP700F Mobile Arctic (All versions), SIMATIC HMI Mobile Panels 2nd Generation (All versions), SIMATIC WinCC Runtime Advanced (All versions). Unencrypted communication between the configuration software and the respective device could allow an attacker to capture potential plain text communication and have access to sensitive information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-319",
              "description": "CWE-319: Cleartext Transmission of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-16T13:40:34",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-364335.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-196-04"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2020-7592",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Basic Panels 1st Generation (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP700F Mobile Arctic",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Mobile Panels 2nd Generation",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Basic Panels 1st Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC HMI KTP700F Mobile Arctic (All versions), SIMATIC HMI Mobile Panels 2nd Generation (All versions), SIMATIC WinCC Runtime Advanced (All versions). Unencrypted communication between the configuration software and the respective device could allow an attacker to capture potential plain text communication and have access to sensitive information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-319: Cleartext Transmission of Sensitive Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-364335.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-364335.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-196-04",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-196-04"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-7592",
    "datePublished": "2020-07-14T13:18:05",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.896Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-7580 (GCVE-0-2020-7580)

Vulnerability from cvelistv5 – Published: 2020-06-10 00:00 – Updated: 2024-08-04 09:33
VLAI?
Summary
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.
Severity ?
No CVSS data available.
CWE
  • CWE-428 - Unquoted Search Path or Element
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC Automation Tool Affected: All versions < V4 SP2
Create a notification for this product.
    Siemens SIMATIC NET PC Software V14 Affected: All versions < V14 SP1 Update 14
Create a notification for this product.
    Siemens SIMATIC NET PC Software V15 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC NET PC Software V16 Affected: All versions < V16 Upd3
Create a notification for this product.
    Siemens SIMATIC PCS neo Affected: All versions < V3.0 SP1
Create a notification for this product.
    Siemens SIMATIC ProSave Affected: All versions < V17
Create a notification for this product.
    Siemens SIMATIC S7-1500 Software Controller Affected: All versions < V21.8
Create a notification for this product.
    Siemens SIMATIC STEP 7 (TIA Portal) V13 Affected: All versions < V13 SP2 Update 4
Create a notification for this product.
    Siemens SIMATIC STEP 7 (TIA Portal) V14 Affected: All versions < V14 SP1 Update 10
Create a notification for this product.
    Siemens SIMATIC STEP 7 (TIA Portal) V15 Affected: All versions < V15.1 Update 5
Create a notification for this product.
    Siemens SIMATIC STEP 7 (TIA Portal) V16 Affected: All versions < V16 Update 2
Create a notification for this product.
    Siemens SIMATIC STEP 7 V5 Affected: All versions < V5.6 SP2 HF3
Create a notification for this product.
    Siemens SIMATIC WinCC OA V3.16 Affected: All versions < V3.16 P018
Create a notification for this product.
    Siemens SIMATIC WinCC OA V3.17 Affected: All versions < V3.17 P003
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced Affected: All versions < V16 Update 2
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Professional V13 Affected: All versions < V13 SP2 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Professional V14 Affected: All versions < V14 SP1 Update 10
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Professional V15 Affected: All versions < V15.1 Update 5
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Professional V16 Affected: All versions < V16 Update 2
Create a notification for this product.
    Siemens SIMATIC WinCC V7.4 Affected: All versions < V7.4 SP1 Update 14
Create a notification for this product.
    Siemens SIMATIC WinCC V7.5 Affected: All versions < V7.5 SP1 Update 3
Create a notification for this product.
    Siemens SINAMICS STARTER Affected: All Versions < V5.4 HF2
Create a notification for this product.
    Siemens SINAMICS Startdrive Affected: All Versions < V16 Update 3
Create a notification for this product.
    Siemens SINEC NMS Affected: All versions < V1.0 SP2
Create a notification for this product.
    Siemens SINEMA Server Affected: All versions < V14 SP3
Create a notification for this product.
    Siemens SINUMERIK ONE virtual Affected: All Versions < V6.14
Create a notification for this product.
    Siemens SINUMERIK Operate Affected: All Versions < V6.14
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.492Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC Automation Tool",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4 SP2"
            }
          ]
        },
        {
          "product": "SIMATIC NET PC Software V14",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP1 Update 14"
            }
          ]
        },
        {
          "product": "SIMATIC NET PC Software V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC NET PC Software V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Upd3"
            }
          ]
        },
        {
          "product": "SIMATIC PCS neo",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0 SP1"
            }
          ]
        },
        {
          "product": "SIMATIC ProSave",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V17"
            }
          ]
        },
        {
          "product": "SIMATIC S7-1500 Software Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V21.8"
            }
          ]
        },
        {
          "product": "SIMATIC STEP 7 (TIA Portal) V13",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V13 SP2 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC STEP 7 (TIA Portal) V14",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP1 Update 10"
            }
          ]
        },
        {
          "product": "SIMATIC STEP 7 (TIA Portal) V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 5"
            }
          ]
        },
        {
          "product": "SIMATIC STEP 7 (TIA Portal) V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 2"
            }
          ]
        },
        {
          "product": "SIMATIC STEP 7 V5",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.6 SP2 HF3"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC OA V3.16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.16 P018"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC OA V3.17",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.17 P003"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 2"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional V13",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V13 SP2 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional V14",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP1 Update 10"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 5"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 2"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC V7.4",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.4 SP1 Update 14"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC V7.5",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.5 SP1 Update 3"
            }
          ]
        },
        {
          "product": "SINAMICS STARTER",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.4 HF2"
            }
          ]
        },
        {
          "product": "SINAMICS Startdrive",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V16 Update 3"
            }
          ]
        },
        {
          "product": "SINEC NMS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0 SP2"
            }
          ]
        },
        {
          "product": "SINEMA Server",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP3"
            }
          ]
        },
        {
          "product": "SINUMERIK ONE virtual",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V6.14"
            }
          ]
        },
        {
          "product": "SINUMERIK Operate",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V6.14"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC Automation Tool (All versions \u003c V4 SP2), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Upd3), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC ProSave (All versions \u003c V17), SIMATIC S7-1500 Software Controller (All versions \u003c V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMATIC STEP 7 V5 (All versions \u003c V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions \u003c V3.16 P018), SIMATIC WinCC OA V3.17 (All versions \u003c V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions \u003c V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions \u003c V16 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 3), SINAMICS STARTER (All Versions \u003c V5.4 HF2), SINAMICS Startdrive (All Versions \u003c V16 Update 3), SINEC NMS (All versions \u003c V1.0 SP2), SINEMA Server (All versions \u003c V14 SP3), SINUMERIK ONE virtual (All Versions \u003c V6.14), SINUMERIK Operate (All Versions \u003c V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-428",
              "description": "CWE-428: Unquoted Search Path or Element",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-12-13T00:00:00",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"
        },
        {
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-7580",
    "datePublished": "2020-06-10T00:00:00",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.492Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-27385 (GCVE-0-2021-27385)

Vulnerability from nvd – Published: 2021-05-12 13:18 – Updated: 2024-08-03 20:48
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition.
Severity ?
No CVSS data available.
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V15 Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V16 Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SINAMICS GH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GL150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GM150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SL150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM120 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150i Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.474Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:17",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27385",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400: Uncontrolled Resource Consumption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27385",
    "datePublished": "2021-05-12T13:18:23",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.474Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-27386 (GCVE-0-2021-27386)

Vulnerability from nvd – Published: 2021-05-12 13:18 – Updated: 2024-08-03 20:48
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V15 Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V16 Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SINAMICS GH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GL150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GM150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SL150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM120 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150i Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.446Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-401",
              "description": "CWE-401: Missing Release of Memory after Effective Lifetime",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:18",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27386",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-401: Missing Release of Memory after Effective Lifetime"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27386",
    "datePublished": "2021-05-12T13:18:23",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.446Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-25662 (GCVE-0-2021-25662)

Vulnerability from nvd – Published: 2021-05-12 13:18 – Updated: 2024-08-03 20:11
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-755 - Improper Handling of Exceptional Conditions
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.535Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755: Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:14",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-25662",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-755: Improper Handling of Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25662",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.535Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-27383 (GCVE-0-2021-27383)

Vulnerability from nvd – Published: 2021-05-12 13:18 – Updated: 2024-08-03 20:48
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V15 Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V16 Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SINAMICS GH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GL150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GM150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SL150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM120 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150i Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.589Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:15",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27383",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-770: Allocation of Resources Without Limits or Throttling"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27383",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.589Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-25660 (GCVE-0-2021-25660)

Vulnerability from nvd – Published: 2021-05-12 13:18 – Updated: 2024-08-03 20:11
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.734Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:11",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-25660",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-788: Access of Memory Location After End of Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25660",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.734Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-27384 (GCVE-0-2021-27384)

Vulnerability from nvd – Published: 2021-05-12 13:18 – Updated: 2024-08-03 20:48
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution.
Severity ?
No CVSS data available.
CWE
  • CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V15 Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V16 Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SINAMICS GH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GL150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GM150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SL150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM120 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150i Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.461Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:16",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27384",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-788: Access of Memory Location After End of Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27384",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.461Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-25661 (GCVE-0-2021-25661)

Vulnerability from nvd – Published: 2021-05-12 13:18 – Updated: 2024-08-03 20:11
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.591Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:12",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-25661",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-788: Access of Memory Location After End of Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25661",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.591Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-3449 (GCVE-0-2021-3449)

Vulnerability from nvd – Published: 2021-03-25 14:25 – Updated: 2024-09-17 03:43
VLAI?
Summary
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
Severity ?
No CVSS data available.
CWE
  • NULL pointer dereference
Assigner
References
https://www.openssl.org/news/secadv/20210325.txt
https://git.openssl.org/gitweb/?p=openssl.git%3Ba…
https://tools.cisco.com/security/center/content/C… vendor-advisory
https://www.debian.org/security/2021/dsa-4875 vendor-advisory
http://www.openwall.com/lists/oss-security/2021/03/27/1 mailing-list
http://www.openwall.com/lists/oss-security/2021/03/27/2 mailing-list
http://www.openwall.com/lists/oss-security/2021/03/28/3 mailing-list
http://www.openwall.com/lists/oss-security/2021/03/28/4 mailing-list
https://security.gentoo.org/glsa/202103-03 vendor-advisory
https://lists.fedoraproject.org/archives/list/pac… vendor-advisory
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.tenable.com/security/tns-2021-10
https://www.tenable.com/security/tns-2021-09
https://security.netapp.com/advisory/ntap-2021051…
https://security.netapp.com/advisory/ntap-2021032…
https://security.FreeBSD.org/advisories/FreeBSD-S…
https://www.tenable.com/security/tns-2021-06
https://www.tenable.com/security/tns-2021-05
https://kc.mcafee.com/corporate/index?page=conten…
https://www.oracle.com//security-alerts/cpujul2021.html
https://cert-portal.siemens.com/productcert/pdf/s…
https://kb.pulsesecure.net/articles/Pulse_Securit…
https://psirt.global.sonicwall.com/vuln-detail/SN…
https://lists.debian.org/debian-lts-announce/2021… mailing-list
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://cert-portal.siemens.com/productcert/pdf/s…
https://www.oracle.com/security-alerts/cpujul2022.html
https://security.netapp.com/advisory/ntap-2024062…
Impacted products
Vendor Product Version
OpenSSL OpenSSL Affected: Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)
Create a notification for this product.
Credits
Peter Kästle (Nokia) and Samuel Sapalski (Nokia)
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:53:17.609Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openssl.org/news/secadv/20210325.txt"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
          },
          {
            "name": "20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
          },
          {
            "name": "DSA-4875",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2021/dsa-4875"
          },
          {
            "name": "[oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
          },
          {
            "name": "[oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
          },
          {
            "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
          },
          {
            "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
          },
          {
            "name": "GLSA-202103-03",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202103-03"
          },
          {
            "name": "FEDORA-2021-cbf14ab8f9",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-09"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-06"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-05"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
          },
          {
            "name": "[debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Peter K\u00e4stle (Nokia) and Samuel Sapalski (Nokia)"
        }
      ],
      "datePublic": "2021-03-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "lang": "eng",
              "url": "https://www.openssl.org/policies/secpolicy.html#High",
              "value": "High"
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "NULL pointer dereference",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-21T19:05:57.096577",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "url": "https://www.openssl.org/news/secadv/20210325.txt"
        },
        {
          "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
        },
        {
          "name": "20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
        },
        {
          "name": "DSA-4875",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2021/dsa-4875"
        },
        {
          "name": "[oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
        },
        {
          "name": "[oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
        },
        {
          "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
        },
        {
          "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
        },
        {
          "name": "GLSA-202103-03",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202103-03"
        },
        {
          "name": "FEDORA-2021-cbf14ab8f9",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
        },
        {
          "url": "https://www.tenable.com/security/tns-2021-10"
        },
        {
          "url": "https://www.tenable.com/security/tns-2021-09"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
        },
        {
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
        },
        {
          "url": "https://www.tenable.com/security/tns-2021-06"
        },
        {
          "url": "https://www.tenable.com/security/tns-2021-05"
        },
        {
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
        },
        {
          "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
        },
        {
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
        },
        {
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
        },
        {
          "name": "[debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
        }
      ],
      "title": "NULL pointer deref in signature_algorithms processing"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2021-3449",
    "datePublished": "2021-03-25T14:25:13.659307Z",
    "dateReserved": "2021-03-17T00:00:00",
    "dateUpdated": "2024-09-17T03:43:55.497Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-7592 (GCVE-0-2020-7592)

Vulnerability from nvd – Published: 2020-07-14 13:18 – Updated: 2024-08-04 09:33
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Basic Panels 1st Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC HMI KTP700F Mobile Arctic (All versions), SIMATIC HMI Mobile Panels 2nd Generation (All versions), SIMATIC WinCC Runtime Advanced (All versions). Unencrypted communication between the configuration software and the respective device could allow an attacker to capture potential plain text communication and have access to sensitive information.
Severity ?
No CVSS data available.
CWE
  • CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
Impacted products
Vendor Product Version
Siemens AG SIMATIC HMI Basic Panels 1st Generation (incl. SIPLUS variants) Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.896Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-364335.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-196-04"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Basic Panels 1st Generation (incl. SIPLUS variants)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels (incl. SIPLUS variants)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP700F Mobile Arctic",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Mobile Panels 2nd Generation",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Basic Panels 1st Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC HMI KTP700F Mobile Arctic (All versions), SIMATIC HMI Mobile Panels 2nd Generation (All versions), SIMATIC WinCC Runtime Advanced (All versions). Unencrypted communication between the configuration software and the respective device could allow an attacker to capture potential plain text communication and have access to sensitive information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-319",
              "description": "CWE-319: Cleartext Transmission of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-16T13:40:34",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-364335.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-196-04"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2020-7592",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Basic Panels 1st Generation (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP700F Mobile Arctic",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Mobile Panels 2nd Generation",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Basic Panels 1st Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC HMI KTP700F Mobile Arctic (All versions), SIMATIC HMI Mobile Panels 2nd Generation (All versions), SIMATIC WinCC Runtime Advanced (All versions). Unencrypted communication between the configuration software and the respective device could allow an attacker to capture potential plain text communication and have access to sensitive information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-319: Cleartext Transmission of Sensitive Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-364335.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-364335.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-196-04",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-196-04"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-7592",
    "datePublished": "2020-07-14T13:18:05",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.896Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-7580 (GCVE-0-2020-7580)

Vulnerability from nvd – Published: 2020-06-10 00:00 – Updated: 2024-08-04 09:33
VLAI?
Summary
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.
Severity ?
No CVSS data available.
CWE
  • CWE-428 - Unquoted Search Path or Element
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC Automation Tool Affected: All versions < V4 SP2
Create a notification for this product.
    Siemens SIMATIC NET PC Software V14 Affected: All versions < V14 SP1 Update 14
Create a notification for this product.
    Siemens SIMATIC NET PC Software V15 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC NET PC Software V16 Affected: All versions < V16 Upd3
Create a notification for this product.
    Siemens SIMATIC PCS neo Affected: All versions < V3.0 SP1
Create a notification for this product.
    Siemens SIMATIC ProSave Affected: All versions < V17
Create a notification for this product.
    Siemens SIMATIC S7-1500 Software Controller Affected: All versions < V21.8
Create a notification for this product.
    Siemens SIMATIC STEP 7 (TIA Portal) V13 Affected: All versions < V13 SP2 Update 4
Create a notification for this product.
    Siemens SIMATIC STEP 7 (TIA Portal) V14 Affected: All versions < V14 SP1 Update 10
Create a notification for this product.
    Siemens SIMATIC STEP 7 (TIA Portal) V15 Affected: All versions < V15.1 Update 5
Create a notification for this product.
    Siemens SIMATIC STEP 7 (TIA Portal) V16 Affected: All versions < V16 Update 2
Create a notification for this product.
    Siemens SIMATIC STEP 7 V5 Affected: All versions < V5.6 SP2 HF3
Create a notification for this product.
    Siemens SIMATIC WinCC OA V3.16 Affected: All versions < V3.16 P018
Create a notification for this product.
    Siemens SIMATIC WinCC OA V3.17 Affected: All versions < V3.17 P003
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced Affected: All versions < V16 Update 2
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Professional V13 Affected: All versions < V13 SP2 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Professional V14 Affected: All versions < V14 SP1 Update 10
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Professional V15 Affected: All versions < V15.1 Update 5
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Professional V16 Affected: All versions < V16 Update 2
Create a notification for this product.
    Siemens SIMATIC WinCC V7.4 Affected: All versions < V7.4 SP1 Update 14
Create a notification for this product.
    Siemens SIMATIC WinCC V7.5 Affected: All versions < V7.5 SP1 Update 3
Create a notification for this product.
    Siemens SINAMICS STARTER Affected: All Versions < V5.4 HF2
Create a notification for this product.
    Siemens SINAMICS Startdrive Affected: All Versions < V16 Update 3
Create a notification for this product.
    Siemens SINEC NMS Affected: All versions < V1.0 SP2
Create a notification for this product.
    Siemens SINEMA Server Affected: All versions < V14 SP3
Create a notification for this product.
    Siemens SINUMERIK ONE virtual Affected: All Versions < V6.14
Create a notification for this product.
    Siemens SINUMERIK Operate Affected: All Versions < V6.14
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.492Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC Automation Tool",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4 SP2"
            }
          ]
        },
        {
          "product": "SIMATIC NET PC Software V14",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP1 Update 14"
            }
          ]
        },
        {
          "product": "SIMATIC NET PC Software V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC NET PC Software V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Upd3"
            }
          ]
        },
        {
          "product": "SIMATIC PCS neo",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0 SP1"
            }
          ]
        },
        {
          "product": "SIMATIC ProSave",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V17"
            }
          ]
        },
        {
          "product": "SIMATIC S7-1500 Software Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V21.8"
            }
          ]
        },
        {
          "product": "SIMATIC STEP 7 (TIA Portal) V13",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V13 SP2 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC STEP 7 (TIA Portal) V14",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP1 Update 10"
            }
          ]
        },
        {
          "product": "SIMATIC STEP 7 (TIA Portal) V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 5"
            }
          ]
        },
        {
          "product": "SIMATIC STEP 7 (TIA Portal) V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 2"
            }
          ]
        },
        {
          "product": "SIMATIC STEP 7 V5",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.6 SP2 HF3"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC OA V3.16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.16 P018"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC OA V3.17",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.17 P003"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 2"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional V13",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V13 SP2 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional V14",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP1 Update 10"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 5"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 2"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC V7.4",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.4 SP1 Update 14"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC V7.5",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.5 SP1 Update 3"
            }
          ]
        },
        {
          "product": "SINAMICS STARTER",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.4 HF2"
            }
          ]
        },
        {
          "product": "SINAMICS Startdrive",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V16 Update 3"
            }
          ]
        },
        {
          "product": "SINEC NMS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0 SP2"
            }
          ]
        },
        {
          "product": "SINEMA Server",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP3"
            }
          ]
        },
        {
          "product": "SINUMERIK ONE virtual",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V6.14"
            }
          ]
        },
        {
          "product": "SINUMERIK Operate",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V6.14"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC Automation Tool (All versions \u003c V4 SP2), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Upd3), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC ProSave (All versions \u003c V17), SIMATIC S7-1500 Software Controller (All versions \u003c V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMATIC STEP 7 V5 (All versions \u003c V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions \u003c V3.16 P018), SIMATIC WinCC OA V3.17 (All versions \u003c V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions \u003c V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions \u003c V16 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 3), SINAMICS STARTER (All Versions \u003c V5.4 HF2), SINAMICS Startdrive (All Versions \u003c V16 Update 3), SINEC NMS (All versions \u003c V1.0 SP2), SINEMA Server (All versions \u003c V14 SP3), SINUMERIK ONE virtual (All Versions \u003c V6.14), SINUMERIK Operate (All Versions \u003c V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-428",
              "description": "CWE-428: Unquoted Search Path or Element",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-12-13T00:00:00",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"
        },
        {
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-7580",
    "datePublished": "2020-06-10T00:00:00",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.492Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}