Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-25239 (GCVE-0-2020-25239)
Vulnerability from cvelistv5 – Published: 2021-03-15 17:03 – Updated: 2024-08-04 15:33
VLAI?
EPSS
Summary
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights.
Severity ?
No CVSS data available.
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | SINEMA Remote Connect Server |
Affected:
All versions < V3.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:33:05.190Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SINEMA Remote Connect Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-15T17:03:30",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-25239",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SINEMA Remote Connect Server",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.0"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863: Incorrect Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2020-25239",
"datePublished": "2021-03-15T17:03:30",
"dateReserved": "2020-09-10T00:00:00",
"dateUpdated": "2024-08-04T15:33:05.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.0\", \"matchCriteriaId\": \"F65F9901-F4BD-4484-9749-D5022245D686\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights.\"}, {\"lang\": \"es\", \"value\": \"Se ha identificado una vulnerabilidad en SINEMA Remote Connect Server (todas las versiones anteriores a V3.0).\u0026#xa0;El servidor web podr\\u00eda permitir acciones no autorizadas por medio de unas url especiales para usuarios sin privilegios.\u0026#xa0;La configuraci\\u00f3n del servidor de autorizaci\\u00f3n de UMC podr\\u00eda ser cambiada para agregar un servidor no autorizado mediante un atacante que se autentica con derechos de usuario sin privilegios\"}]",
"id": "CVE-2020-25239",
"lastModified": "2024-11-21T05:17:44.283",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2021-03-15T17:15:19.957",
"references": "[{\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf\", \"source\": \"productcert@siemens.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"productcert@siemens.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-863\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-25239\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2021-03-15T17:15:19.957\",\"lastModified\":\"2024-11-21T05:17:44.283\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en SINEMA Remote Connect Server (todas las versiones anteriores a V3.0).\u0026#xa0;El servidor web podr\u00eda permitir acciones no autorizadas por medio de unas url especiales para usuarios sin privilegios.\u0026#xa0;La configuraci\u00f3n del servidor de autorizaci\u00f3n de UMC podr\u00eda ser cambiada para agregar un servidor no autorizado mediante un atacante que se autentica con derechos de usuario sin privilegios\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"F65F9901-F4BD-4484-9749-D5022245D686\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
CERTFR-2021-AVI-176
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SENTRON PAC3200 versions antérieures à 2.4.7 | ||
| Siemens | N/A | SENTRON 3VA COM100/800, 3VA DSP800, PAC2200 toutes versions | ||
| Siemens | N/A | SCALANCE XM400 et XR500 versions antérieures à 6.2 | ||
| Siemens | N/A | SIMATIC S7-PLCSIM version 5.4 | ||
| Siemens | N/A | RUGGEDCOM RM1224, SCALANCE M-800 et Scalance S615 versions 4.3 et ultérieures | ||
| Siemens | N/A | SENTRON PAC3220 versions antérieures à 3.2.0 | ||
| Siemens | N/A | module Mendix Forgot Password versions antérieures à 3.2.1 | ||
| Siemens | N/A | SIMATIC NET CM 1542-1 toutes versions | ||
| Siemens | N/A | Solid Edge SE2020 versions antérieures à SE2020MP13 | ||
| Siemens | N/A | SINEMA remote connect server versions antérieures à 3.0 | ||
| Siemens | N/A | SCALANCE SC-600 versions antérieures à 2.1.3 | ||
| Siemens | N/A | LOGO! 8 BM toutes versions (y compris les versions SIPLUS) | ||
| Siemens | N/A | PLUSCONTROL 1st Gen toutes versions | ||
| Siemens | N/A | SENTRON PAC4200 versions antérieures à 2.3.0 | ||
| Siemens | N/A | Luxion KeyShot versions antérieures à 10.1 | ||
| Siemens | N/A | SCALANCE X300WG et Xx200 versions antérieures à 4.1 | ||
| Siemens | N/A | SIMATIC MV400 versions antérieures à 7.0.6 | ||
| Siemens | N/A | Solid Edge SE2021 versions antérieures à SE2021MP3 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SENTRON PAC3200 versions ant\u00e9rieures \u00e0 2.4.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SENTRON 3VA COM100/800, 3VA DSP800, PAC2200 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XM400 et XR500 versions ant\u00e9rieures \u00e0 6.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-PLCSIM version 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224, SCALANCE M-800 et Scalance S615 versions 4.3 et ult\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SENTRON PAC3220 versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "module Mendix Forgot Password versions ant\u00e9rieures \u00e0 3.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CM 1542-1 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Solid Edge SE2020 versions ant\u00e9rieures \u00e0 SE2020MP13",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEMA remote connect server versions ant\u00e9rieures \u00e0 3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC-600 versions ant\u00e9rieures \u00e0 2.1.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 8 BM toutes versions (y compris les versions SIPLUS)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "PLUSCONTROL 1st Gen toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SENTRON PAC4200 versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Luxion KeyShot versions ant\u00e9rieures \u00e0 10.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X300WG et Xx200 versions ant\u00e9rieures \u00e0 4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC MV400 versions ant\u00e9rieures \u00e0 7.0.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Solid Edge SE2021 versions ant\u00e9rieures \u00e0 SE2021MP3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-25667",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25667"
},
{
"name": "CVE-2020-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28388"
},
{
"name": "CVE-2021-27381",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27381"
},
{
"name": "CVE-2021-25673",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25673"
},
{
"name": "CVE-2020-28387",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28387"
},
{
"name": "CVE-2020-25241",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25241"
},
{
"name": "CVE-2021-22647",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22647"
},
{
"name": "CVE-2021-22643",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22643"
},
{
"name": "CVE-2021-25672",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25672"
},
{
"name": "CVE-2021-27380",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27380"
},
{
"name": "CVE-2021-22649",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22649"
},
{
"name": "CVE-2021-22651",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22651"
},
{
"name": "CVE-2021-25676",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25676"
},
{
"name": "CVE-2021-25674",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25674"
},
{
"name": "CVE-2021-22645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22645"
},
{
"name": "CVE-2019-3823",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3823"
},
{
"name": "CVE-2020-28385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28385"
},
{
"name": "CVE-2019-10926",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10926"
},
{
"name": "CVE-2020-13987",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13987"
},
{
"name": "CVE-2020-27632",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27632"
},
{
"name": "CVE-2020-25239",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25239"
},
{
"name": "CVE-2020-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25236"
},
{
"name": "CVE-2021-25675",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25675"
},
{
"name": "CVE-2020-25240",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25240"
},
{
"name": "CVE-2019-10925",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10925"
},
{
"name": "CVE-2020-17437",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17437"
}
],
"links": [],
"reference": "CERTFR-2021-AVI-176",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-03-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-599268 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-979775 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-541018 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-715184 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-715184.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-936080 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-231216 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-231216.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-783481 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-783481.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-296266 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-296266.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-731317 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-256092 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-256092.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-344238 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-344238.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-917115 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-917115.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-816980 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
}
]
}
CERTFR-2021-AVI-176
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SENTRON PAC3200 versions antérieures à 2.4.7 | ||
| Siemens | N/A | SENTRON 3VA COM100/800, 3VA DSP800, PAC2200 toutes versions | ||
| Siemens | N/A | SCALANCE XM400 et XR500 versions antérieures à 6.2 | ||
| Siemens | N/A | SIMATIC S7-PLCSIM version 5.4 | ||
| Siemens | N/A | RUGGEDCOM RM1224, SCALANCE M-800 et Scalance S615 versions 4.3 et ultérieures | ||
| Siemens | N/A | SENTRON PAC3220 versions antérieures à 3.2.0 | ||
| Siemens | N/A | module Mendix Forgot Password versions antérieures à 3.2.1 | ||
| Siemens | N/A | SIMATIC NET CM 1542-1 toutes versions | ||
| Siemens | N/A | Solid Edge SE2020 versions antérieures à SE2020MP13 | ||
| Siemens | N/A | SINEMA remote connect server versions antérieures à 3.0 | ||
| Siemens | N/A | SCALANCE SC-600 versions antérieures à 2.1.3 | ||
| Siemens | N/A | LOGO! 8 BM toutes versions (y compris les versions SIPLUS) | ||
| Siemens | N/A | PLUSCONTROL 1st Gen toutes versions | ||
| Siemens | N/A | SENTRON PAC4200 versions antérieures à 2.3.0 | ||
| Siemens | N/A | Luxion KeyShot versions antérieures à 10.1 | ||
| Siemens | N/A | SCALANCE X300WG et Xx200 versions antérieures à 4.1 | ||
| Siemens | N/A | SIMATIC MV400 versions antérieures à 7.0.6 | ||
| Siemens | N/A | Solid Edge SE2021 versions antérieures à SE2021MP3 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SENTRON PAC3200 versions ant\u00e9rieures \u00e0 2.4.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SENTRON 3VA COM100/800, 3VA DSP800, PAC2200 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XM400 et XR500 versions ant\u00e9rieures \u00e0 6.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-PLCSIM version 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224, SCALANCE M-800 et Scalance S615 versions 4.3 et ult\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SENTRON PAC3220 versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "module Mendix Forgot Password versions ant\u00e9rieures \u00e0 3.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CM 1542-1 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Solid Edge SE2020 versions ant\u00e9rieures \u00e0 SE2020MP13",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEMA remote connect server versions ant\u00e9rieures \u00e0 3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE SC-600 versions ant\u00e9rieures \u00e0 2.1.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO! 8 BM toutes versions (y compris les versions SIPLUS)",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "PLUSCONTROL 1st Gen toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SENTRON PAC4200 versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Luxion KeyShot versions ant\u00e9rieures \u00e0 10.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE X300WG et Xx200 versions ant\u00e9rieures \u00e0 4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC MV400 versions ant\u00e9rieures \u00e0 7.0.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Solid Edge SE2021 versions ant\u00e9rieures \u00e0 SE2021MP3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-25667",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25667"
},
{
"name": "CVE-2020-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28388"
},
{
"name": "CVE-2021-27381",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27381"
},
{
"name": "CVE-2021-25673",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25673"
},
{
"name": "CVE-2020-28387",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28387"
},
{
"name": "CVE-2020-25241",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25241"
},
{
"name": "CVE-2021-22647",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22647"
},
{
"name": "CVE-2021-22643",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22643"
},
{
"name": "CVE-2021-25672",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25672"
},
{
"name": "CVE-2021-27380",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27380"
},
{
"name": "CVE-2021-22649",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22649"
},
{
"name": "CVE-2021-22651",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22651"
},
{
"name": "CVE-2021-25676",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25676"
},
{
"name": "CVE-2021-25674",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25674"
},
{
"name": "CVE-2021-22645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22645"
},
{
"name": "CVE-2019-3823",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3823"
},
{
"name": "CVE-2020-28385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28385"
},
{
"name": "CVE-2019-10926",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10926"
},
{
"name": "CVE-2020-13987",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13987"
},
{
"name": "CVE-2020-27632",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27632"
},
{
"name": "CVE-2020-25239",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25239"
},
{
"name": "CVE-2020-25236",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25236"
},
{
"name": "CVE-2021-25675",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25675"
},
{
"name": "CVE-2020-25240",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25240"
},
{
"name": "CVE-2019-10925",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10925"
},
{
"name": "CVE-2020-17437",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-17437"
}
],
"links": [],
"reference": "CERTFR-2021-AVI-176",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-03-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-599268 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-979775 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-979775.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-541018 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-715184 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-715184.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-936080 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-231216 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-231216.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-783481 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-783481.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-296266 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-296266.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-731317 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-256092 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-256092.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-344238 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-344238.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-917115 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-917115.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-816980 du 09 mars 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
}
]
}
FKIE_CVE-2020-25239
Vulnerability from fkie_nvd - Published: 2021-03-15 17:15 - Updated: 2024-11-21 05:17
Severity ?
Summary
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | sinema_remote_connect_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F65F9901-F4BD-4484-9749-D5022245D686",
"versionEndExcluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SINEMA Remote Connect Server (todas las versiones anteriores a V3.0).\u0026#xa0;El servidor web podr\u00eda permitir acciones no autorizadas por medio de unas url especiales para usuarios sin privilegios.\u0026#xa0;La configuraci\u00f3n del servidor de autorizaci\u00f3n de UMC podr\u00eda ser cambiada para agregar un servidor no autorizado mediante un atacante que se autentica con derechos de usuario sin privilegios"
}
],
"id": "CVE-2020-25239",
"lastModified": "2024-11-21T05:17:44.283",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-15T17:15:19.957",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
}
]
}
GHSA-FP4F-M8G2-6548
Vulnerability from github – Published: 2022-05-24 17:44 – Updated: 2022-05-24 17:44
VLAI?
Details
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights.
{
"affected": [],
"aliases": [
"CVE-2020-25239"
],
"database_specific": {
"cwe_ids": [
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-03-15T17:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights.",
"id": "GHSA-fp4f-m8g2-6548",
"modified": "2022-05-24T17:44:32Z",
"published": "2022-05-24T17:44:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25239"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2020-25239
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-25239",
"description": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights.",
"id": "GSD-2020-25239"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-25239"
],
"details": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights.",
"id": "GSD-2020-25239",
"modified": "2023-12-13T01:21:57.234241Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-25239",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SINEMA Remote Connect Server",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.0"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863: Incorrect Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-25239"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "N/A",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2021-03-18T18:28Z",
"publishedDate": "2021-03-15T17:15Z"
}
}
}
VAR-202103-0196
Vulnerability from variot - Updated: 2023-12-18 11:22A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights. SINEMA Remote Connect Server Contains an improper authentication vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Siemens SINEMA Remote Connect Server is a set of remote network management platform of German Siemens (Siemens) company. The platform is mainly used for remote access, maintenance, control and diagnosis of the underlying network
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202103-0196",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinema remote connect server",
"scope": "lt",
"trust": 1.6,
"vendor": "siemens",
"version": "3.0"
},
{
"model": "sinema remote connect server",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": "3.0"
},
{
"model": "sinema remote connect server",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16437"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016313"
},
{
"db": "NVD",
"id": "CVE-2020-25239"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-25239"
}
]
},
"cve": "CVE-2020-25239",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2020-25239",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-16437",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-179197",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2020-25239",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-25239",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2021-16437",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202103-693",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-179197",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16437"
},
{
"db": "VULHUB",
"id": "VHN-179197"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016313"
},
{
"db": "NVD",
"id": "CVE-2020-25239"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-693"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights. SINEMA Remote Connect Server Contains an improper authentication vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Siemens SINEMA Remote Connect Server is a set of remote network management platform of German Siemens (Siemens) company. The platform is mainly used for remote access, maintenance, control and diagnosis of the underlying network",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-25239"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016313"
},
{
"db": "CNVD",
"id": "CNVD-2021-16437"
},
{
"db": "VULHUB",
"id": "VHN-179197"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-25239",
"trust": 3.1
},
{
"db": "SIEMENS",
"id": "SSA-731317",
"trust": 2.3
},
{
"db": "JVN",
"id": "JVNVU93441670",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016313",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202103-693",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2021-16437",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-068-04",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0848",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-179197",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16437"
},
{
"db": "VULHUB",
"id": "VHN-179197"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016313"
},
{
"db": "NVD",
"id": "CVE-2020-25239"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-693"
}
]
},
"id": "VAR-202103-0196",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16437"
},
{
"db": "VULHUB",
"id": "VHN-179197"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16437"
}
]
},
"last_update_date": "2023-12-18T11:22:09.150000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-731317",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf"
},
{
"title": "Siemens SINEMA Remote Connect Server Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=144284"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-016313"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-693"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-863",
"trust": 1.1
},
{
"problemtype": "Bad authentication (CWE-863) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-179197"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016313"
},
{
"db": "NVD",
"id": "CVE-2020-25239"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25239"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu93441670/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0848"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-04"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16437"
},
{
"db": "VULHUB",
"id": "VHN-179197"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016313"
},
{
"db": "NVD",
"id": "CVE-2020-25239"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-693"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-16437"
},
{
"db": "VULHUB",
"id": "VHN-179197"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016313"
},
{
"db": "NVD",
"id": "CVE-2020-25239"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-693"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-16437"
},
{
"date": "2021-03-15T00:00:00",
"db": "VULHUB",
"id": "VHN-179197"
},
{
"date": "2021-11-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-016313"
},
{
"date": "2021-03-15T17:15:19.957000",
"db": "NVD",
"id": "CVE-2020-25239"
},
{
"date": "2021-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-693"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-16437"
},
{
"date": "2021-03-18T00:00:00",
"db": "VULHUB",
"id": "VHN-179197"
},
{
"date": "2021-11-22T09:06:00",
"db": "JVNDB",
"id": "JVNDB-2020-016313"
},
{
"date": "2021-03-18T18:28:29.047000",
"db": "NVD",
"id": "CVE-2020-25239"
},
{
"date": "2021-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-693"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-693"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SINEMA\u00a0Remote\u00a0Connect\u00a0Server\u00a0 Authentication Vulnerability in Microsoft",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-016313"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-693"
}
],
"trust": 0.6
}
}
ICSA-21-068-04
Vulnerability from csaf_cisa - Published: 2021-03-09 00:00 - Updated: 2021-03-09 00:00Summary
Siemens SINEMA Remote Connect Server
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow authenticated unprivileged user accounts to access unauthorized functionality.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Additional Resources
This vulnerability has been discovered internally by Siemens.
For further inquiries on security vulnerabilities in Siemens products and
solutions, please contact the Siemens ProductCERT:
https://www.siemens.com/cert/advisories
Additional Resources
This vulnerability has been discovered internally by Siemens. For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow authenticated unprivileged user accounts to access unauthorized functionality.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "This vulnerability has been discovered internally by Siemens.\n\nFor further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "general",
"text": "This vulnerability has been discovered internally by Siemens. For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-21-068-04 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-068-04.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-068-04 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-068-04"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "SSA-496604: SSA-731317: Multiple vulnerabilities in SINEMA Remote Connect Web Based Management - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/SSA-731317.txt"
}
],
"title": "Siemens SINEMA Remote Connect Server",
"tracking": {
"current_release_date": "2021-03-09T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-21-068-04",
"initial_release_date": "2021-03-09T00:00:00.000000Z",
"revision_history": [
{
"date": "2021-03-09T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-21-068-04 Siemens SINEMA Remote Connect Server"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V3.0",
"product": {
"name": "SINEMA Remote Connect Server: All versions \u003c V3.0",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "SINEMA Remote Connect Server"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-25239",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "summary",
"text": "The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the UMC authorization server could be changed to add a rogue server by an attacker authenticating with unprivilege user rights.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/ww/en/view/109793790",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109793790"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25239"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Check that all settings are as expected when applying templates",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Configure a syslog server for logs",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Ensure that all (including unprivileged) accounts are trusted",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.0 - Download: https://support.industry.siemens.com/cs/ww/en/view/109793790 ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109793790"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2020-25240",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "summary",
"text": "Unpriviledged users can access services when guessing the url. An attacker could impact availability, integrity and gain information from logs and templates of the service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/ww/en/view/109793790",
"url": "https://support.industry.siemens.com/cs/ww/en/view/109793790"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25240"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Check that all settings are as expected when applying templates",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Configure a syslog server for logs",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Ensure that all (including unprivileged) accounts are trusted",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.0 - Download: https://support.industry.siemens.com/cs/ww/en/view/109793790 ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109793790"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
CNVD-2021-16437
Vulnerability from cnvd - Published: 2021-03-11
VLAI Severity ?
Title
Siemens SINEMA Remote Connect Server不正确授权漏洞
Description
Siemens SINEMA Remote Connect Server是德国西门子(Siemens)公司的一套远程网络管理平台。该平台主要用于远程访问、维护、控制和诊断底层网络。
Siemens SINEMA Remote Connect Server存在不正确授权漏洞。允许非特权用户权限验证的攻击者可以修改UMC授权服务器的设置,添加非法服务器。
Severity
高
Patch Name
Siemens SINEMA Remote Connect Server不正确授权漏洞的补丁
Patch Description
Siemens SINEMA Remote Connect Server是德国西门子(Siemens)公司的一套远程网络管理平台。该平台主要用于远程访问、维护、控制和诊断底层网络。
Siemens SINEMA Remote Connect Server存在不正确授权漏洞。允许非特权用户权限验证的攻击者可以修改UMC授权服务器的设置,添加非法服务器。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可参考如下供应商提供的安全公告获得补丁信息: https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf
Reference
https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf
Impacted products
| Name | Siemens SINEMA Remote Connect Server <3.0 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2020-25239"
}
},
"description": "Siemens SINEMA Remote Connect Server\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4e00\u5957\u8fdc\u7a0b\u7f51\u7edc\u7ba1\u7406\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u4e3b\u8981\u7528\u4e8e\u8fdc\u7a0b\u8bbf\u95ee\u3001\u7ef4\u62a4\u3001\u63a7\u5236\u548c\u8bca\u65ad\u5e95\u5c42\u7f51\u7edc\u3002\n\nSiemens SINEMA Remote Connect Server\u5b58\u5728\u4e0d\u6b63\u786e\u6388\u6743\u6f0f\u6d1e\u3002\u5141\u8bb8\u975e\u7279\u6743\u7528\u6237\u6743\u9650\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u53ef\u4ee5\u4fee\u6539UMC\u6388\u6743\u670d\u52a1\u5668\u7684\u8bbe\u7f6e\uff0c\u6dfb\u52a0\u975e\u6cd5\u670d\u52a1\u5668\u3002",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2021-16437",
"openTime": "2021-03-11",
"patchDescription": "Siemens SINEMA Remote Connect Server\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4e00\u5957\u8fdc\u7a0b\u7f51\u7edc\u7ba1\u7406\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u4e3b\u8981\u7528\u4e8e\u8fdc\u7a0b\u8bbf\u95ee\u3001\u7ef4\u62a4\u3001\u63a7\u5236\u548c\u8bca\u65ad\u5e95\u5c42\u7f51\u7edc\u3002\r\n\r\nSiemens SINEMA Remote Connect Server\u5b58\u5728\u4e0d\u6b63\u786e\u6388\u6743\u6f0f\u6d1e\u3002\u5141\u8bb8\u975e\u7279\u6743\u7528\u6237\u6743\u9650\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u53ef\u4ee5\u4fee\u6539UMC\u6388\u6743\u670d\u52a1\u5668\u7684\u8bbe\u7f6e\uff0c\u6dfb\u52a0\u975e\u6cd5\u670d\u52a1\u5668\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Siemens SINEMA Remote Connect Server\u4e0d\u6b63\u786e\u6388\u6743\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Siemens SINEMA Remote Connect Server \u003c3.0"
},
"referenceLink": "https://cert-portal.siemens.com/productcert/pdf/ssa-731317.pdf",
"serverity": "\u9ad8",
"submitTime": "2021-03-09",
"title": "Siemens SINEMA Remote Connect Server\u4e0d\u6b63\u786e\u6388\u6743\u6f0f\u6d1e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…