cvelistv5 - cve-2019-10918

Source	URL	Tags
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf	Vendor Advisory
productcert@siemens.com	https://www.us-cert.gov/ics/advisories/ICSA-19-134-08	Third Party Advisory, US Government Resource

Vendor	Product
Siemens AG	SIMATIC PCS 7 V8.0 and earlier
Siemens AG	SIMATIC PCS 7 V8.1
Siemens AG	SIMATIC PCS 7 V8.2
Siemens AG	SIMATIC PCS 7 V9.0
Siemens AG	SIMATIC WinCC (TIA Portal) V13
Siemens AG	SIMATIC WinCC (TIA Portal) V14
Siemens AG	SIMATIC WinCC (TIA Portal) V15
Siemens AG	SIMATIC WinCC Runtime Professional V13
Siemens AG	SIMATIC WinCC Runtime Professional V14
Siemens AG	SIMATIC WinCC Runtime Professional V15
Siemens AG	SIMATIC WinCC V7.2 and earlier
Siemens AG	SIMATIC WinCC V7.3
Siemens AG	SIMATIC WinCC V7.4
Siemens AG	SIMATIC WinCC V7.5

ghsa-vw33-cr89-4v6m

Vulnerability from github

Published

2022-05-24 16:45

Modified

2022-05-24 16:45

Details

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions), SIMATIC WinCC (TIA Portal) V15 (All versions), SIMATIC WinCC Runtime Professional (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 Upd3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-10918"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-05-14T20:29:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions), SIMATIC WinCC (TIA Portal) V15 (All versions), SIMATIC WinCC Runtime Professional (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.",
  "id": "GHSA-vw33-cr89-4v6m",
  "modified": "2022-05-24T16:45:38Z",
  "published": "2022-05-24T16:45:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10918"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
    },
    {
      "type": "WEB",
      "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

icsa-19-134-08

Vulnerability from csaf_cisa

Published

2019-05-14 00:00

Modified

2019-10-10 00:00

Summary

Siemens SIMATIC PCS7, WinCC, TIA Portal (Update D)

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary commands on the affected system.

Critical infrastructure sectors

Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

CISA also provides a section for control systems security recommended practices on the ICS webpage on us-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Exploitability

No known public exploits specifically target these vulnerabilities.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Vladimir Dashchenko",
          "Sergey Temnikov"
        ],
        "organization": "Kaspersky Lab",
        "summary": "reporting these vulnerabilities to Siemens"
      },
      {
        "organization": ", CNCERT/CC",
        "summary": "reporting these vulnerabilities to Siemens"
      },
      {
        "names": [
          "ChengBin Wang"
        ],
        "organization": "Guoli Security Technology",
        "summary": "reporting these vulnerabilities to Siemens"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary commands on the affected system.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on us-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and  solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-19-134-08 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-134-08.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-19-134-08 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-134-08"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.us-cert.gov/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-134-08"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "SSA-496604: SSA-697412: Multiple Vulnerabilities in SIMATIC WinCC, SIMATIC WinCC Runtime, SIMATIC PCS 7, SIMATIC TIA Portal - TXT Version",
        "url": "https://cert-portal.siemens.com/productcert/txt/SSA-697412.txt"
      }
    ],
    "title": "Siemens SIMATIC PCS7, WinCC, TIA Portal (Update D)",
    "tracking": {
      "current_release_date": "2019-10-10T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-19-134-08",
      "initial_release_date": "2019-05-14T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2019-05-14T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-19-134-08 Siemens SIMATIC PCS7, WinCC, TIA Portal"
        },
        {
          "date": "2019-07-09T00:00:00.000000Z",
          "legacy_version": "A",
          "number": "2",
          "summary": "ICSA-19-134-08 Siemens SIMATIC PCS7, WinCC, TIA Portal (Update A)"
        },
        {
          "date": "2019-08-13T00:00:00.000000Z",
          "legacy_version": "B",
          "number": "3",
          "summary": "ICSA-19-134-08 Siemens SIMATIC PCS7, WinCC, TIA Portal (Update B)"
        },
        {
          "date": "2019-09-10T00:00:00.000000Z",
          "legacy_version": "C",
          "number": "4",
          "summary": "ICSA-19-134-08 Siemens SIMATIC PCS7, WinCC, TIA Portal (Update C)"
        },
        {
          "date": "2019-10-10T00:00:00.000000Z",
          "legacy_version": "D",
          "number": "5",
          "summary": "ICSA-19-134-08 Siemens SIMATIC PCS7, WinCC, TIA Portal (Update D)"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions",
                "product": {
                  "name": "SIMATIC PCS 7 V8.0 and earlier: All versions",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC PCS 7 V8.0 and earlier"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions \u003c V8.1 with WinCC V7.3 Upd 19",
                "product": {
                  "name": "SIMATIC PCS 7 V8.1: All versions \u003c V8.1 with WinCC V7.3 Upd 19",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC PCS 7 V8.1"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11",
                "product": {
                  "name": "SIMATIC PCS 7 V8.2: All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC PCS 7 V8.2"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11",
                "product": {
                  "name": "SIMATIC PCS 7 V9.0: All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC PCS 7 V9.0"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions",
                "product": {
                  "name": "SIMATIC WinCC (TIA Portal) V13: All versions",
                  "product_id": "CSAFPID-0005"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC WinCC (TIA Portal) V13"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions \u003c V14 SP1 Upd 9",
                "product": {
                  "name": "SIMATIC WinCC (TIA Portal) V14: All versions \u003c V14 SP1 Upd 9",
                  "product_id": "CSAFPID-0006"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC WinCC (TIA Portal) V14"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions \u003c V15.1 Upd 3",
                "product": {
                  "name": "SIMATIC WinCC (TIA Portal) V15: All versions \u003c V15.1 Upd 3",
                  "product_id": "CSAFPID-0007"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC WinCC (TIA Portal) V15"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions",
                "product": {
                  "name": "SIMATIC WinCC Runtime Professional V13: All versions",
                  "product_id": "CSAFPID-0008"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC WinCC Runtime Professional V13"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions \u003c V14.1 Upd 8",
                "product": {
                  "name": "SIMATIC WinCC Runtime Professional V14: All versions \u003c V14.1 Upd 8",
                  "product_id": "CSAFPID-0009"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC WinCC Runtime Professional V14"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions \u003c V15.1 Upd 3",
                "product": {
                  "name": "SIMATIC WinCC Runtime Professional V15: All versions \u003c V15.1 Upd 3",
                  "product_id": "CSAFPID-00010"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC WinCC Runtime Professional V15"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions",
                "product": {
                  "name": "SIMATIC WinCC V7.2 and earlier: All versions",
                  "product_id": "CSAFPID-00011"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC WinCC V7.2 and earlier"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions \u003c V7.3 Upd 19",
                "product": {
                  "name": "SIMATIC WinCC V7.3: All versions \u003c V7.3 Upd 19",
                  "product_id": "CSAFPID-00012"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC WinCC V7.3"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions \u003c V7.4 SP1 Upd 11",
                "product": {
                  "name": "SIMATIC WinCC V7.4: All versions \u003c V7.4 SP1 Upd 11",
                  "product_id": "CSAFPID-00013"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC WinCC V7.4"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "All versions \u003c V7.5 Upd 3",
                "product": {
                  "name": "SIMATIC WinCC V7.5: All versions \u003c V7.5 Upd 3",
                  "product_id": "CSAFPID-00014"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC WinCC V7.5"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-10916",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-00010",
          "CSAFPID-00011",
          "CSAFPID-00012",
          "CSAFPID-00013",
          "CSAFPID-00014"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "https://support.industry.siemens.com/cs/ww/en/view/109767227",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109767227"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-10916"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Apply Defense-in-Depth",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Enable \"Encrypted communication\" in SIMATIC WinCC and SIMATIC PCS 7.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Only open project files from trusted locations.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "See recommendations from section Workaround and Mitigations ",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update WinCC to V7.3 Upd 19 - Download: https://support.industry.siemens.com/cs/ww/en/view/109768972 ",
          "product_ids": [
            "CSAFPID-0002"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768972"
        },
        {
          "category": "vendor_fix",
          "details": "Update WinCC to V7.4 SP1 Upd 11 - Download: https://support.industry.siemens.com/cs/ww/en/view/109768093 ",
          "product_ids": [
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768093"
        },
        {
          "category": "vendor_fix",
          "details": "Update WinCC to V7.4 SP1 Upd 11 - Download: https://support.industry.siemens.com/cs/ww/en/view/109768093 ",
          "product_ids": [
            "CSAFPID-0004"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768093"
        },
        {
          "category": "vendor_fix",
          "details": "See recommendations from section Workaround and Mitigations ",
          "product_ids": [
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V14 SP1 Upd 9 - Download: https://support.industry.siemens.com/cs/ww/en/view/109747387 ",
          "product_ids": [
            "CSAFPID-0006"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109747387"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V15.1 Upd 3 - Download: https://support.industry.siemens.com/cs/ww/en/view/109763890 ",
          "product_ids": [
            "CSAFPID-0007"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109763890"
        },
        {
          "category": "vendor_fix",
          "details": "See recommendations from section Workaround and Mitigations ",
          "product_ids": [
            "CSAFPID-0008"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V14.1 Upd 8 - Download: https://support.industry.siemens.com/cs/ww/en/view/109747394 ",
          "product_ids": [
            "CSAFPID-0009"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109747394"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V15.1 Upd 3 - Download: https://support.industry.siemens.com/cs/ww/en/view/109763892 ",
          "product_ids": [
            "CSAFPID-00010"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109763892"
        },
        {
          "category": "vendor_fix",
          "details": "See recommendations from section Workaround and Mitigations ",
          "product_ids": [
            "CSAFPID-00011"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V7.3 Upd 19 - Download: https://support.industry.siemens.com/cs/ww/en/view/109768972 ",
          "product_ids": [
            "CSAFPID-00012"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768972"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V7.4 SP1 Upd 11 - Download: https://support.industry.siemens.com/cs/ww/en/view/109768093 ",
          "product_ids": [
            "CSAFPID-00013"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768093"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V7.5 Upd 3 - Download: https://support.industry.siemens.com/cs/ww/en/view/109767227 ",
          "product_ids": [
            "CSAFPID-00014"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109767227"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2019-10917",
      "cwe": {
        "id": "CWE-248",
        "name": "Uncaught Exception"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An attacker with local access to the project file could cause a Denial-of-Service condition on the affected product while the project file is loaded.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "Successful exploitation requires access to the project file. An attacker could use the vulnerability to compromise availability of the affected system.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-00010",
          "CSAFPID-00011",
          "CSAFPID-00012",
          "CSAFPID-00013",
          "CSAFPID-00014"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "https://support.industry.siemens.com/cs/ww/en/view/109767227",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109767227"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-10917"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Apply Defense-in-Depth",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Enable \"Encrypted communication\" in SIMATIC WinCC and SIMATIC PCS 7.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Only open project files from trusted locations.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "See recommendations from section Workaround and Mitigations ",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update WinCC to V7.3 Upd 19 - Download: https://support.industry.siemens.com/cs/ww/en/view/109768972 ",
          "product_ids": [
            "CSAFPID-0002"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768972"
        },
        {
          "category": "vendor_fix",
          "details": "Update WinCC to V7.4 SP1 Upd 11 - Download: https://support.industry.siemens.com/cs/ww/en/view/109768093 ",
          "product_ids": [
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768093"
        },
        {
          "category": "vendor_fix",
          "details": "Update WinCC to V7.4 SP1 Upd 11 - Download: https://support.industry.siemens.com/cs/ww/en/view/109768093 ",
          "product_ids": [
            "CSAFPID-0004"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768093"
        },
        {
          "category": "vendor_fix",
          "details": "See recommendations from section Workaround and Mitigations ",
          "product_ids": [
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V14 SP1 Upd 9 - Download: https://support.industry.siemens.com/cs/ww/en/view/109747387 ",
          "product_ids": [
            "CSAFPID-0006"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109747387"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V15.1 Upd 3 - Download: https://support.industry.siemens.com/cs/ww/en/view/109763890 ",
          "product_ids": [
            "CSAFPID-0007"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109763890"
        },
        {
          "category": "vendor_fix",
          "details": "See recommendations from section Workaround and Mitigations ",
          "product_ids": [
            "CSAFPID-0008"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V14.1 Upd 8 - Download: https://support.industry.siemens.com/cs/ww/en/view/109747394 ",
          "product_ids": [
            "CSAFPID-0009"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109747394"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V15.1 Upd 3 - Download: https://support.industry.siemens.com/cs/ww/en/view/109763892 ",
          "product_ids": [
            "CSAFPID-00010"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109763892"
        },
        {
          "category": "vendor_fix",
          "details": "See recommendations from section Workaround and Mitigations ",
          "product_ids": [
            "CSAFPID-00011"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V7.3 Upd 19 - Download: https://support.industry.siemens.com/cs/ww/en/view/109768972 ",
          "product_ids": [
            "CSAFPID-00012"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768972"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V7.4 SP1 Upd 11 - Download: https://support.industry.siemens.com/cs/ww/en/view/109768093 ",
          "product_ids": [
            "CSAFPID-00013"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768093"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V7.5 Upd 3 - Download: https://support.industry.siemens.com/cs/ww/en/view/109767227 ",
          "product_ids": [
            "CSAFPID-00014"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109767227"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2019-10918",
      "cwe": {
        "id": "CWE-749",
        "name": "Exposed Dangerous Method or Function"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "At the time of advisory publication no public exploitation of this security vulnerability was known.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-00010",
          "CSAFPID-00011",
          "CSAFPID-00012",
          "CSAFPID-00013",
          "CSAFPID-00014"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "https://support.industry.siemens.com/cs/ww/en/view/109767227",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109767227"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-10918"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Apply Defense-in-Depth",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Enable \"Encrypted communication\" in SIMATIC WinCC and SIMATIC PCS 7.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Only open project files from trusted locations.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "See recommendations from section Workaround and Mitigations ",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update WinCC to V7.3 Upd 19 - Download: https://support.industry.siemens.com/cs/ww/en/view/109768972 ",
          "product_ids": [
            "CSAFPID-0002"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768972"
        },
        {
          "category": "vendor_fix",
          "details": "Update WinCC to V7.4 SP1 Upd 11 - Download: https://support.industry.siemens.com/cs/ww/en/view/109768093 ",
          "product_ids": [
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768093"
        },
        {
          "category": "vendor_fix",
          "details": "Update WinCC to V7.4 SP1 Upd 11 - Download: https://support.industry.siemens.com/cs/ww/en/view/109768093 ",
          "product_ids": [
            "CSAFPID-0004"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768093"
        },
        {
          "category": "vendor_fix",
          "details": "See recommendations from section Workaround and Mitigations ",
          "product_ids": [
            "CSAFPID-0005"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V14 SP1 Upd 9 - Download: https://support.industry.siemens.com/cs/ww/en/view/109747387 ",
          "product_ids": [
            "CSAFPID-0006"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109747387"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V15.1 Upd 3 - Download: https://support.industry.siemens.com/cs/ww/en/view/109763890 ",
          "product_ids": [
            "CSAFPID-0007"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109763890"
        },
        {
          "category": "vendor_fix",
          "details": "See recommendations from section Workaround and Mitigations ",
          "product_ids": [
            "CSAFPID-0008"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V14.1 Upd 8 - Download: https://support.industry.siemens.com/cs/ww/en/view/109747394 ",
          "product_ids": [
            "CSAFPID-0009"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109747394"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V15.1 Upd 3 - Download: https://support.industry.siemens.com/cs/ww/en/view/109763892 ",
          "product_ids": [
            "CSAFPID-00010"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109763892"
        },
        {
          "category": "vendor_fix",
          "details": "See recommendations from section Workaround and Mitigations ",
          "product_ids": [
            "CSAFPID-00011"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V7.3 Upd 19 - Download: https://support.industry.siemens.com/cs/ww/en/view/109768972 ",
          "product_ids": [
            "CSAFPID-00012"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768972"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V7.4 SP1 Upd 11 - Download: https://support.industry.siemens.com/cs/ww/en/view/109768093 ",
          "product_ids": [
            "CSAFPID-00013"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768093"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V7.5 Upd 3 - Download: https://support.industry.siemens.com/cs/ww/en/view/109767227 ",
          "product_ids": [
            "CSAFPID-00014"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109767227"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014"
          ]
        }
      ]
    }
  ]
}

var-201905-1321

Vulnerability from variot

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The Siemens SIMATIC PCS 7 and SIMATIC WinCC input validation error vulnerability stems from a network system or product that does not properly validate the input data, and an authenticated attacker can exploit the vulnerability to execute arbitrary commands with SYSTEM privileges. Siemens SIMATIC products are prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An SQL injection vulnerability3. 3. An arbitrary command execution Exploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. The following Siemens SIMATIC products are affected: SIMATIC PCS 7 version 8.0 and prior SIMATIC PCS 7 version 8.1 SIMATIC PCS 7 version 8.2 SIMATIC PCS 7 version 9.0 SIMATIC WinCC (TIA Portal) version 13 SIMATIC WinCC (TIA Portal) version 14 SIMATIC WinCC (TIA Portal) version 15 SIMATIC WinCC Runtime Professional, all version SIMATIC WinCC version 7.2 and prior SIMATIC WinCC version 7.3 SIMATIC WinCC version 7.4 SIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201905-1321",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v14"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v15"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.1.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.3.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.5 upd3"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "13.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "14.x"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0 and earlier"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.2.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.4.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "15.x"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.2 and earlier"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "9.0.x"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7\u003c=v8.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=v7.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v9.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.3"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.4"
      },
      {
        "model": "simatic wincc upd3",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.5.*\u003cv7.5"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "6.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "79.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.53"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "8.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "9.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.4"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "13.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "14.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "15.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc runtime professional",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10918"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs_7:8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):15.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs_7:8.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs_7:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):13.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):14.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10918"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vladimir Dashchenko and Sergey Temnikov from Kaspersky Lab,ChengBin Wang from ZheJiang Guoli Security Technology, and ChengBin Wang from Guoli Security Technology reported these vulnerabilities to Siemens., CNCERT/CC",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-10918",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "Single",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2019-10918",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "CNVD-2019-14940",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "VHN-142512",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2019-10918",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2019-10918",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-14940",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201905-592",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142512",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2019-10918",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142512"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10918"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10918"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The Siemens SIMATIC PCS 7 and SIMATIC WinCC input validation error vulnerability stems from a network system or product that does not properly validate the input data, and an authenticated attacker can exploit the vulnerability to execute arbitrary commands with SYSTEM privileges. Siemens SIMATIC products are prone to following security vulnerabilities:\n1. A denial-of-service vulnerability\n2. An SQL injection vulnerability3. \n3. An arbitrary command execution\nExploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. \nThe following Siemens SIMATIC products are affected:\nSIMATIC PCS 7 version 8.0 and prior\nSIMATIC PCS 7 version 8.1\nSIMATIC PCS 7 version 8.2\nSIMATIC PCS 7 version 9.0\nSIMATIC WinCC (TIA Portal) version 13\nSIMATIC WinCC (TIA Portal) version 14\nSIMATIC WinCC (TIA Portal) version 15\nSIMATIC WinCC Runtime Professional, all version\nSIMATIC WinCC version 7.2 and prior\nSIMATIC WinCC version 7.3\nSIMATIC WinCC version 7.4\nSIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10918"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "IVD",
        "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142512"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10918"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-10918",
        "trust": 3.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-08",
        "trust": 3.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-697412",
        "trust": 1.8
      },
      {
        "db": "BID",
        "id": "108404",
        "trust": 1.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-592",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-02",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1716.2",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "63A18FD7-D96A-4DF7-A648-6F834337CFC7",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-142512",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10918",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142512"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10918"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10918"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      }
    ]
  },
  "id": "VAR-201905-1321",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142512"
      }
    ],
    "trust": 1.5253826575
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:28:16.165000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-697412",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
      },
      {
        "title": "Siemens SIMATIC PCS 7 and SIMATIC WinCC input patches for verification error vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/161829"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=8ee2a5f6493c2fed7b0aee2edd85e1cb"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10918"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142512"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10918"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-08"
      },
      {
        "trust": 1.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-08"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10918"
      },
      {
        "trust": 1.3,
        "url": "http://www.securityfocus.com/bid/108404"
      },
      {
        "trust": 0.9,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10918"
      },
      {
        "trust": 0.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/80946"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29286"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/20.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142512"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10918"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10918"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142512"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-10918"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10918"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-21T00:00:00",
        "db": "IVD",
        "id": "63a18fd7-d96a-4df7-a648-6f834337cfc7"
      },
      {
        "date": "2019-05-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142512"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-10918"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108404"
      },
      {
        "date": "2019-06-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "date": "2019-05-14T20:29:02.483000",
        "db": "NVD",
        "id": "CVE-2019-10918"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-14940"
      },
      {
        "date": "2019-10-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142512"
      },
      {
        "date": "2019-10-10T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-10918"
      },
      {
        "date": "2019-05-22T06:00:00",
        "db": "BID",
        "id": "108404"
      },
      {
        "date": "2019-07-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      },
      {
        "date": "2021-10-28T13:37:17.673000",
        "db": "NVD",
        "id": "CVE-2019-10918"
      },
      {
        "date": "2021-10-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  SIMATIC Vulnerability related to input validation in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004568"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-592"
      }
    ],
    "trust": 0.6
  }
}

gsd-2019-10918

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Aliases

CVE-2019-10918

Aliases

CVE-2019-10918

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-10918",
    "description": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.",
    "id": "GSD-2019-10918"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-10918"
      ],
      "details": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.",
      "id": "GSD-2019-10918",
      "modified": "2023-12-13T01:23:59.099666Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "productcert@siemens.com",
        "ID": "CVE-2019-10918",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "SIMATIC PCS 7 V8.0 and earlier",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC PCS 7 V8.1",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V8.1 with WinCC V7.3 Upd 19"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC PCS 7 V8.2",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC PCS 7 V9.0",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC WinCC (TIA Portal) V13",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC WinCC (TIA Portal) V14",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V14 SP1 Upd 9"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC WinCC (TIA Portal) V15",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V15.1 Upd 3"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC WinCC Runtime Professional V13",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC WinCC Runtime Professional V14",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V14.1 Upd 8"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC WinCC Runtime Professional V15",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V15.1 Upd 3"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC WinCC V7.2 and earlier",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC WinCC V7.3",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V7.3 Upd 19"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC WinCC V7.4",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V7.4 SP1 Upd 11"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMATIC WinCC V7.5",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All versions \u003c V7.5 Upd 3"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Siemens AG"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-749: Exposed Dangerous Method or Function"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf",
            "refsource": "CONFIRM",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
          },
          {
            "name": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08",
            "refsource": "MISC",
            "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "8.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs_7:8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):15.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs_7:8.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs_7:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):13.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):14.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-10918"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-10-28T13:37Z",
      "publishedDate": "2019-05-14T20:29Z"
    }
  }
}

Action not permitted

cve-2019-10918

Vulnerability from cvelistv5

ghsa-vw33-cr89-4v6m

Vulnerability from github

icsa-19-134-08

Vulnerability from csaf_cisa

var-201905-1321

Vulnerability from variot

gsd-2019-10918

Vulnerability from gsd

Tags