cve-2019-13939
Vulnerability from cvelistv5
Vendor | Product | Version
---|---|---
Siemens | Capital Embedded AR Classic 431-422 | Version: 0 < *
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T00:05:43.738Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-434032.html" }, { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-162506.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Capital Embedded AR Classic 431-422", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Capital Embedded AR Classic R20-11", "vendor": "Siemens", "versions": [ { "lessThan": "V2303", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Nucleus NET", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "Nucleus ReadyStart V3", "vendor": "Siemens", "versions": [ { "lessThan": "V2017.02.3", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "Nucleus Source Code", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions \u003c V2303), Nucleus NET (All 
versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus Source Code (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value." } ], "metrics": [ { "cvssV3_1": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-13T08:59:33.850Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-434032.html" }, { "url": "https://cert-portal.siemens.com/productcert/html/ssa-162506.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2019-13939", "datePublished": "2020-01-16T15:35:24", "dateReserved": "2019-07-18T00:00:00", "dateUpdated": "2024-08-05T00:05:43.738Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2019-13939\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2020-01-16T16:15:16.277\",\"lastModified\":\"2024-11-21T04:25:44.123\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All 
versions \u003c V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus Source Code (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en APOGEE MEC/MBC/PXC (P2) (Todas las versiones anteriores a V2.8.2), APOGEE PXC Series (BACnet) (Todas las versiones anteriores a V3.5.3), APOGEE PXC Series (P2) (Todas las versiones posteriores o iguales a V2. 8.2 y anteriores a V2.8.19), Desigo PXC00-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC00-U (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC001-E. D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC100-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC12-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00. 327), Desigo PXC128-U (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC200-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC22-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00. 327), Desigo PXC22.1-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC36.1-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC50-E. D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC64-U (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXM20-E (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00. 
327), Nucleus NET (Todas las versiones), Nucleus RTOS (Todas las versiones), Nucleus ReadyStart para ARM, MIPS y PPC (Todas las versiones anteriores a V2017.02.2 con parche \\\"Nucleus 2017.02. 02 Nucleus NET Patch\\\"), Nucleus SafetyCert (Todas las versiones), Nucleus Source Code (Todas las versiones), SIMOTICS CONNECT 400 (Todas las versiones anteriores a V0.3.0.330), TALON TC Series (BACnet) (Todas las versiones anteriores a V3.5.3), VSTAR (Todas las versiones). Al enviar paquetes DHCP especialmente dise\u00f1ados a un dispositivo donde el cliente DHCP est\u00e1 habilitado, un atacante podr\u00eda cambiar la direcci\u00f3n IP del dispositivo a un valor no v\u00e1lido. La vulnerabilidad podr\u00eda afectar a la disponibilidad e integridad del dispositivo. Se requiere acceso a la red adyacente, pero no se necesita autenticaci\u00f3n ni interacci\u00f3n del usuario para realizar un ataque\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":4.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":4.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Prima
ry\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:N/I:P/A:P\",\"baseScore\":4.8,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":6.5,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:capital_vstar:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EC45D63-0FB7-4995-AF45-B41F6EF6A9E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:nucleus_net:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A987CFB-4A41-4F82-8C7F-31DE8F0650DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:nucleus_readystart:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2017.02.2\",\"matchCriteriaId\":\"FE16530A-D354-43A0-A2C7-DB312646C69C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:nucleus_safetycert:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ED0DBA9-FFB1-407C-8429-BCD24DCB33FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:nucleus_source_code:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07DAF9C3-B56A-4F40-B90B-D0DE96869A44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:nucleus_rtos:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"485540AD-9966-49B0-AC24-BEFE81C4D4E3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:apogee_modular_equiment_controller_firmware:*:*:*:*:
*:*:*:*\",\"versionEndExcluding\":\"2.8.2\",\"matchCriteriaId\":\"F8240E52-8D3B-40AF-944F-5AD993279B07\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:apogee_modular_equiment_controller:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7945BF7D-AB3A-4285-9C58-D56149ADFC15\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:apogee_modular_building_controller_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.8.2\",\"matchCriteriaId\":\"217F3116-5F09-4D60-BD65-8960401434AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:apogee_modular_building_controller:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5F978E7-3DD9-4948-BFFB-E7273003477B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:apogee_pxc_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.8.2\",\"matchCriteriaId\":\"1206DD28-16D8-4F71-BABA-FDCE3CD9A91D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:apogee_pxc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B73DAA70-4CFB-4E63-ADC7-EC8A93E0BBBB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:desigo_pxc_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3\",\"matchCriteriaId\":\"741E43A3-43D1-4ECF-915A-92E035FF8903\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:desigo_pxc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8ED54EF-1BAB-465B-A4D1-E779F63CF4F0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:desigo_pxm20_firmware:*:*:*:*:*:*:*:*\",\"versio
nStartIncluding\":\"2.3\",\"matchCriteriaId\":\"669CAA1B-9E47-4331-8E1F-92D562F3CFF2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:desigo_pxm20:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"408DD298-FAC6-45E6-BF04-832C16B13927\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simotics_connect_400_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.3.0.95\",\"matchCriteriaId\":\"E01F98E1-441B-48CC-90FC-E9391D65844E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simotics_connect_400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48BFF9EF-D1C1-4107-8D1E-51315C03FFF0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:talon_tc_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0\",\"matchCriteriaId\":\"7EC32195-D888-4A8B-AC77-D0C98A83E88A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:talon_tc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F30FF737-174E-4760-A454-1DD174B4C966\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:desigo_pxc00-e.d_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3.0\",\"versionEndExcluding\":\"6.00.327\",\"matchCriteriaId\":\"BC441789-6954-48E7-9A42-1A2993C93066\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:desigo_pxc00-e.d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1727849-2FD8-40A2-91D3-E0C9662B45BC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:desigo_pxc00-u_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\
":\"2.3.0\",\"versionEndExcluding\":\"6.00.327\",\"matchCriteriaId\":\"E396F519-8055-486E-A2DB-F9E6DD5B1E2D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:desigo_pxc00-u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD39D011-8AE2-46FE-9207-C110E2FBC07C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:desigo_pxc001-e.d_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3.0\",\"versionEndExcluding\":\"6.00.327\",\"matchCriteriaId\":\"8ACD8296-AC32-42CE-8B8D-A3F6FFD7A869\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:desigo_pxc001-e.d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCC50C13-FA05-4459-BA1E-482D886B842B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:desigo_pxc12-e.d_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3.0\",\"versionEndExcluding\":\"6.00.327\",\"matchCriteriaId\":\"F6B65BC2-7D65-4216-8B3A-773825297CFE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:desigo_pxc12-e.d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDA404C0-FD6D-47CC-950C-E5DCC993C8E6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:desigo_pxc22-e.d_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3.0\",\"versionEndExcluding\":\"6.00.327\",\"matchCriteriaId\":\"9C4CDD0E-FAB0-4F44-96AB-9ADDEFB456EC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:desigo_pxc22-e.d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A4D84CE-07AB-4305-9C48-54392772D4EB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnera
ble\":true,\"criteria\":\"cpe:2.3:o:siemens:desigo_pxc22.1-e.d_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3.0\",\"versionEndExcluding\":\"6.00.327\",\"matchCriteriaId\":\"F5B66D45-3F60-469D-ADF6-ECB02567970C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:desigo_pxc22.1-e.d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E67F374-BF75-4334-A6D5-AB570E0A70D8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:desigo_pxc36.1-e.d_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.3.0\",\"versionEndExcluding\":\"6.00.327\",\"matchCriteriaId\":\"B1C11C33-5757-44C5-9CC2-4BC3F287DD75\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:desigo_pxc36.1-e.d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CA7EF94-2EE2-4B53-A544-F675306DF84F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:desigopxc50-e.d_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93AC0E5C-5A08-43E4-88E5-7681755126F0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:desigopxc50-e.d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F2D5B24-63B5-41C8-B20B-98699C4979F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:desigopxc64-u_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCB6399E-E7BD-4469-8166-B03B74E421BE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:desigopxc64-u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"980885C3-B98A-4AC9-AB86-A8BBFF23F37D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:
o:siemens:desigopxc100-e.d_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9118355-1BBC-43C7-9923-0F8FAEA70D40\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:desigopxc100-e.d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93E5FEC8-EAE9-4235-91EE-FE68CCE19C43\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:desigopxc128-u_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD7B8DC6-A346-4D4B-B6F6-9831E7D1F999\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:desigopxc128-u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF17316C-DDD6-42F9-A147-6729632D9902\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:desigopxc200-e.d_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED820905-73EA-41F8-A2C5-17CD6BCF1707\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:desigopxc200-e.d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E05F84E0-808C-4C40-9D50-9BE0117B791E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:desigopxm20-e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EFE56A4-408F-4807-A76D-B54AD9C85C28\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:desigopxm20-e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"162C32E8-05CD-40A2-AB56-17CE4D85842F\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-162506.html\",\"source\":\"productcert@siemens.com\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-434032.html\",\"source\":\"productcert@siemens.com\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-162
506.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-162506.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-434032.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}" } }
ICSA-19-318-01
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "organization": "Armis", "summary": "reporting this vulnerability to Siemens" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of this vulnerability could allow an attacker to affect the integrity and availability of the device.", "title": "Risk evaluation" }, { "category": "other", "text": "Critical Manufacturing", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Germany", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. 
Specifically, users should:", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "other", "text": "No known public exploits specifically target this vulnerability. 
This vulnerability is not exploitable remotely.", "title": "Exploitability" } ], "publisher": { "category": "coordinator", "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-19-318-01 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-318-01.json" }, { "category": "self", "summary": "ICS Advisory ICSA-19-318-01 Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-318-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.us-cert.gov/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B" }, { "category": "external", "summary": "SSA-496604: SSA-434032: Vulnerability in Mentor Nucleus Networking Module - TXT Version", "url": "https://cert-portal.siemens.com/productcert/txt/SSA-434032.txt" } ], "title": "Siemens Mentor Nucleus Networking Module", "tracking": { "current_release_date": "2019-11-14T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-19-318-01", "initial_release_date": "2019-11-14T00:00:00.000000Z", "revision_history": [ { "date": "2019-11-14T00:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "ICSA-19-318-01 Siemens Mentor Nucleus Networking Module" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "All versions", "product": { "name": "Nucleus NET: All versions", "product_id": "CSAFPID-0001" } } ], "category": 
"product_name", "name": "Nucleus NET" }, { "branches": [ { "category": "product_version_range", "name": "All versions", "product": { "name": "Nucleus RTOS: All versions", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "Nucleus RTOS" }, { "branches": [ { "category": "product_version_range", "name": "All versions \u003c V2017.02.2 with patch \"Nucleus 2017.02.02 Nucleus NET", "product": { "name": "Nucleus ReadyStart for ARM, MIPS, and PPC: All versions \u003c V2017.02.2 with patch \"Nucleus 2017.02.02 Nucleus NET", "product_id": "CSAFPID-0003" } } ], "category": "product_name", "name": "Nucleus ReadyStart for ARM, MIPS, and PPC" }, { "branches": [ { "category": "product_version_range", "name": "All versions", "product": { "name": "Nucleus SafetyCert: All versions", "product_id": "CSAFPID-0004" } } ], "category": "product_name", "name": "Nucleus SafetyCert" }, { "branches": [ { "category": "product_version_range", "name": "All versions", "product": { "name": "Nucleus Source Code: All versions", "product_id": "CSAFPID-0005" } } ], "category": "product_name", "name": "Nucleus Source Code" }, { "branches": [ { "category": "product_version_range", "name": "All versions", "product": { "name": "VSTAR: All versions", "product_id": "CSAFPID-0006" } } ], "category": "product_name", "name": "VSTAR" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-13939", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "By sending specially crafted DHCP packets to a device, an attacker may be able to affect availability and integrity of the device. 
Adjacent network access, but no authentication and no user interaction is needed to conduct this attack.", "title": "Summary" }, { "category": "summary", "text": "At the time of advisory publication no public exploitation of this security vulnerability was known.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13939" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "remediations": [ { "category": "vendor_fix", "details": "Avoid using DHCP Client of Nucleus NET", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, { "category": "vendor_fix", "details": "See recommendations from section Workarounds and Mitigations or upgrade Nucleus ReadyStart and apply the corresponding patch. ", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "See recommendations from section Workarounds and Mitigations or upgrade Nucleus ReadyStart and apply the corresponding patch. ", "product_ids": [ "CSAFPID-0002" ] }, { "category": "vendor_fix", "details": "Nucleus SafetyCert is non affected since it leverages the LWNET stack which is not affected. The Nucleus SafetyCert bundle however, does include a copy of Nucleus ReadyStart to allow easier prototyping, which is affected as noted above. ", "product_ids": [ "CSAFPID-0004" ] }, { "category": "vendor_fix", "details": "See recommendations from section Workaround and Mitigations ", "product_ids": [ "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Contact customer support to receive patch and update instructions. 
", "product_ids": [ "CSAFPID-0006" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ] } ] }
icsa-20-105-06
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "organization": "Siemens", "summary": "reporting this vulnerability to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "summary", "text": "Successful exploitation of this vulnerability could allow an attacker to affect the availability and integrity of the device.", "title": "Risk evaluation" }, { "category": "other", "text": "No known public exploits specifically target this vulnerability.", "title": "Exploitability" } ], "publisher": { "category": "coordinator", "contact_details": "CISAservicedesk@cisa.dhs.gov", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-20-105-06 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsa-20-105-06.json" }, { "category": "self", "summary": "ICS Advisory ICSA-20-105-06 Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-20-105-06" } ], "title": "ICSA-20-105-06_Siemens SIMOTICS, Desigo, APOGEE, and TALON (Update B)", "tracking": { "current_release_date": "2022-05-12T00:00:00.000000Z", "generator": { "engine": { "name": "CISA USCert CSAF Generator", "version": "1" } }, "id": "ICSA-20-105-06", "initial_release_date": "2020-04-14T00:00:00.000000Z", "revision_history": [ { "date": "2020-04-14T00:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "ICSA-20-105-06 Siemens SIMOTICS, Desigo, APOGEE, and TALON" }, { "date": "2021-01-12T00:00:00.000000Z", "legacy_version": "A", "number": "2", "summary": "ICSA-20-105-06 Siemens SIMOTICS, 
Desigo, APOGEE, and TALON (Update A)" }, { "date": "2021-12-16T00:00:00.000000Z", "legacy_version": "B", "number": "3", "summary": "ICSA-20-105-06 Siemens SIMOTICS, Desigo, APOGEE, and TALON (Update B)" }, { "date": "2022-04-14T00:00:00.000000Z", "legacy_version": "C", "number": "4", "summary": "ICSA-20-105-06 Siemens SIMOTICS, Desigo, APOGEE, and TALON (Update C)" }, { "date": "2022-05-12T00:00:00.000000Z", "legacy_version": "D", "number": "5", "summary": "ICSA-20-105-06 Siemens SIMOTICS, Desigo, APOGEE, and TALON (Update D)" } ], "status": "final", "version": "5" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003e= 2.3x | \u003c= 6.00.327", "product": { "name": "Desigo PXC001-E.D: All versions 2.3x to v6.00.327", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "Desigo PXC001-E.D" }, { "branches": [ { "category": "product_version_range", "name": "\u003e= 2.3x | \u003c= 6.00.327", "product": { "name": "Desigo PXC100-E.D: All versions 2.3x to v6.00.327", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "Desigo PXC100-E.D" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 3.5.3", "product": { "name": "APOGEE PXC Series (BACnet): All versions prior to 3.5.3", "product_id": "CSAFPID-0003" } } ], "category": "product_name", "name": "APOGEE PXC Series (BACnet)" }, { "branches": [ { "category": "product_version_range", "name": "\u003e= 2.3x | \u003c= 6.00.327", "product": { "name": "Desigo PXC200-E.D: All versions 2.3x to v6.00.327", "product_id": "CSAFPID-0004" } } ], "category": "product_name", "name": "Desigo PXC200-E.D" }, { "branches": [ { "category": "product_version_range", "name": "\u003e= 2.3x | \u003c= 6.00.327", "product": { "name": "Desigo PXM20-E: All versions 2.3x to v6.00.327", "product_id": "CSAFPID-0005" } } ], "category": "product_name", "name": "Desigo PXM20-E" }, { "branches": [ { "category": 
"product_version_range", "name": "\u003c 0.3.0.330", "product": { "name": "SIMOTICS CONNECT 400: All versions prior to 0.3.0.330", "product_id": "CSAFPID-0006" } } ], "category": "product_name", "name": "SIMOTICS CONNECT 400" }, { "branches": [ { "category": "product_version_range", "name": "\u003e= 2.3x | \u003c= 6.00.327", "product": { "name": "Desigo PXC36.1-E.D: All versions 2.3x to v6.00.327", "product_id": "CSAFPID-0007" } } ], "category": "product_name", "name": "Desigo PXC36.1-E.D" }, { "branches": [ { "category": "product_version", "name": "2.8.2 and 2.8.19", "product": { "name": "APOGEE PXC Series (P2): All versions between 2.8.2 and v2.8.19", "product_id": "CSAFPID-0008" } } ], "category": "product_name", "name": "APOGEE PXC Series (P2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003e= 2.3x | \u003c= 6.00.327", "product": { "name": "Desigo PXC00-U: All versions 2.3x to v6.00.327", "product_id": "CSAFPID-0009" } } ], "category": "product_name", "name": "Desigo PXC00-U" }, { "branches": [ { "category": "product_version_range", "name": "\u003e= 2.3x | \u003c= 6.00.327", "product": { "name": "Desigo PXC00-E.D: All versions 2.3x to v6.00.327", "product_id": "CSAFPID-00010" } } ], "category": "product_name", "name": "Desigo PXC00-E.D" }, { "branches": [ { "category": "product_version_range", "name": "\u003e= 2.3x | \u003c= 6.00.327", "product": { "name": "Desigo PXC22-E.D: All versions 2.3x to v6.00.327", "product_id": "CSAFPID-00011" } } ], "category": "product_name", "name": "Desigo PXC22-E.D" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 2.8.2", "product": { "name": "APOGEE MEC/MBC/PXC (P2): All versions prior to 2.8.2", "product_id": "CSAFPID-00012" } } ], "category": "product_name", "name": "APOGEE MEC/MBC/PXC (P2)" }, { "branches": [ { "category": "product_version_range", "name": "\u003e= 2.3x | \u003c= 6.00.327", "product": { "name": "Desigo PXC12-E.D: All versions 2.3x to v6.00.327", "product_id": 
"CSAFPID-00013" } } ], "category": "product_name", "name": "Desigo PXC12-E.D" }, { "branches": [ { "category": "product_version_range", "name": "\u003e= 2.3x | \u003c= 6.00.327", "product": { "name": "Desigo PXC50-E.D: All versions 2.3x to v6.00.327", "product_id": "CSAFPID-00014" } } ], "category": "product_name", "name": "Desigo PXC50-E.D" }, { "branches": [ { "category": "product_version_range", "name": "\u003e= 2.3x | \u003c= 6.00.327", "product": { "name": "Desigo PXC128-U: All versions 2.3x to v6.00.327", "product_id": "CSAFPID-00015" } } ], "category": "product_name", "name": "Desigo PXC128-U" }, { "branches": [ { "category": "product_version_range", "name": "\u003c 3.5.3", "product": { "name": "TALON TC Series (BACnet): All versions prior to 3.5.3", "product_id": "CSAFPID-00016" } } ], "category": "product_name", "name": "TALON TC Series (BACnet)" }, { "branches": [ { "category": "product_version_range", "name": "\u003e= 2.3x | \u003c= 6.00.327", "product": { "name": "Desigo PXC64-U: All versions 2.3x to v6.00.327", "product_id": "CSAFPID-00017" } } ], "category": "product_name", "name": "Desigo PXC64-U" }, { "branches": [ { "category": "product_version_range", "name": "\u003e= 2.3x | \u003c= 6.00.327", "product": { "name": "Desigo PXC22.1-E.D: All versions 2.3x to v6.00.327", "product_id": "CSAFPID-00018" } } ], "category": "product_name", "name": "Desigo PXC22.1-E.D" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-13939", "cwe": { "id": "CWE-269", "name": "Improper Privilege Management" }, "notes": [ { "category": "summary", "text": "The affected products could allow an attacker to change the IP address of the device to an invalid value. This may allow an attacker to make device configuration changes and affect its availability. CVE-2019-13939 has been assigned to this vulnerability. 
A CVSS v3 base score of 7.1 has been assigned; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H).", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "remediations": [ { "category": "vendor_fix", "details": "Desigo Products: Update to v6.00.327", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0007", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00017", "CSAFPID-00018" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109791941/" }, { "category": "vendor_fix", "details": "SIMOTICS CONNECT 400: Update to v0.3.0.330", "product_ids": [ "CSAFPID-0006" ], "url": "https://support.industry.siemens.com/cs/ww/en/view/109778383" }, { "category": "vendor_fix", "details": "TALON TC Series (BACnet): Update to v3.5.3", "product_ids": [ "CSAFPID-00016" ], "url": "https://support.industry.siemens.com/cs/ww/en/109778383" }, { "category": "vendor_fix", "details": "APOGEE PXC Series (BACnet): Update to v3.5.3", "product_ids": [ "CSAFPID-0003" ], "url": "https://support.industry.siemens.com/cs/ww/en/109778383" }, { "category": "vendor_fix", "details": "APOGEE PXC Series (P2): Update to v2.8.19 or later (contact Siemens for assistance)", "product_ids": [ "CSAFPID-0008", "CSAFPID-00012" ], "url": "https://www.siemens.com/cert/advisories" }, { "category": "mitigation", "details": "Disable the DHCP client and use static IP address configuration instead (Note that the DHCP client is disabled by default on APOGEE/TALON and Desigo products).", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", 
"CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018" ] }, { "category": "mitigation", "details": "APOGEE MEC, MBC, PXC (versions prior to v2.8.2): Use static IP address configuration as described above", "product_ids": [ "CSAFPID-0003", "CSAFPID-0008", "CSAFPID-00012" ] }, { "category": "mitigation", "details": "APOGEE PXC Series and TALON TC Series products: If using a static IP address is not possible, update to the fix version listed above or contact your local Siemens office for support.", "product_ids": [ "CSAFPID-0003", "CSAFPID-0008", "CSAFPID-00012", "CSAFPID-00016" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018" ] } ], "title": "CVE-2019-13939" } ] }
icsa-19-318-01
Vulnerability from csaf_cisa
Notes
{ "document": { "acknowledgments": [ { "organization": "Armis", "summary": "reporting this vulnerability to Siemens" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "general", "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", "title": "CISA Disclaimer" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of this vulnerability could allow an attacker to affect the integrity and availability of the device.", "title": "Risk evaluation" }, { "category": "other", "text": "Critical Manufacturing", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Germany", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. 
Specifically, users should:", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "other", "text": "No known public exploits specifically target this vulnerability. 
This vulnerability is not exploitable remotely.", "title": "Exploitability" } ], "publisher": { "category": "coordinator", "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-19-318-01 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-318-01.json" }, { "category": "self", "summary": "ICS Advisory ICSA-19-318-01 Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-318-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.us-cert.gov/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B" }, { "category": "external", "summary": "SSA-496604: SSA-434032: Vulnerability in Mentor Nucleus Networking Module - TXT Version", "url": "https://cert-portal.siemens.com/productcert/txt/SSA-434032.txt" } ], "title": "Siemens Mentor Nucleus Networking Module", "tracking": { "current_release_date": "2019-11-14T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-19-318-01", "initial_release_date": "2019-11-14T00:00:00.000000Z", "revision_history": [ { "date": "2019-11-14T00:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "ICSA-19-318-01 Siemens Mentor Nucleus Networking Module" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "All versions", "product": { "name": "Nucleus NET: All versions", "product_id": "CSAFPID-0001" } } ], "category": 
"product_name", "name": "Nucleus NET" }, { "branches": [ { "category": "product_version_range", "name": "All versions", "product": { "name": "Nucleus RTOS: All versions", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "Nucleus RTOS" }, { "branches": [ { "category": "product_version_range", "name": "All versions \u003c V2017.02.2 with patch \"Nucleus 2017.02.02 Nucleus NET", "product": { "name": "Nucleus ReadyStart for ARM, MIPS, and PPC: All versions \u003c V2017.02.2 with patch \"Nucleus 2017.02.02 Nucleus NET", "product_id": "CSAFPID-0003" } } ], "category": "product_name", "name": "Nucleus ReadyStart for ARM, MIPS, and PPC" }, { "branches": [ { "category": "product_version_range", "name": "All versions", "product": { "name": "Nucleus SafetyCert: All versions", "product_id": "CSAFPID-0004" } } ], "category": "product_name", "name": "Nucleus SafetyCert" }, { "branches": [ { "category": "product_version_range", "name": "All versions", "product": { "name": "Nucleus Source Code: All versions", "product_id": "CSAFPID-0005" } } ], "category": "product_name", "name": "Nucleus Source Code" }, { "branches": [ { "category": "product_version_range", "name": "All versions", "product": { "name": "VSTAR: All versions", "product_id": "CSAFPID-0006" } } ], "category": "product_name", "name": "VSTAR" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-13939", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "By sending specially crafted DHCP packets to a device, an attacker may be able to affect availability and integrity of the device. 
Adjacent network access, but no authentication and no user interaction is needed to conduct this attack.", "title": "Summary" }, { "category": "summary", "text": "At the time of advisory publication no public exploitation of this security vulnerability was known.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, "references": [ { "category": "external", "summary": "web.nvd.nist.gov", "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13939" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "remediations": [ { "category": "vendor_fix", "details": "Avoid using DHCP Client of Nucleus NET", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] }, { "category": "vendor_fix", "details": "See recommendations from section Workarounds and Mitigations or upgrade Nucleus ReadyStart and apply the corresponding patch. ", "product_ids": [ "CSAFPID-0001" ] }, { "category": "vendor_fix", "details": "See recommendations from section Workarounds and Mitigations or upgrade Nucleus ReadyStart and apply the corresponding patch. ", "product_ids": [ "CSAFPID-0002" ] }, { "category": "vendor_fix", "details": "Nucleus SafetyCert is non affected since it leverages the LWNET stack which is not affected. The Nucleus SafetyCert bundle however, does include a copy of Nucleus ReadyStart to allow easier prototyping, which is affected as noted above. ", "product_ids": [ "CSAFPID-0004" ] }, { "category": "vendor_fix", "details": "See recommendations from section Workaround and Mitigations ", "product_ids": [ "CSAFPID-0005" ] }, { "category": "vendor_fix", "details": "Contact customer support to receive patch and update instructions. 
", "product_ids": [ "CSAFPID-0006" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C", "version": "3.0" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006" ] } ] } ] }
ghsa-jpvr-c9fc-2r4h
Vulnerability from github
A vulnerability has been identified in Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch "Nucleus 2017.02.02 Nucleus NET Patch"), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), VSTAR (All versions). By sending specially crafted DHCP packets to a device, an attacker may be able to affect availability and integrity of the device. Adjacent network access, but no authentication and no user interaction is needed to conduct this attack. At the time of advisory publication no public exploitation of this security vulnerability was known.
{ "affected": [], "aliases": [ "CVE-2019-13939" ], "database_specific": { "cwe_ids": [ "CWE-20" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2020-01-16T16:15:00Z", "severity": "MODERATE" }, "details": "A vulnerability has been identified in Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions \u003c V2017.02.2 with patch \"Nucleus 2017.02.02 Nucleus NET Patch\"), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), VSTAR (All versions). By sending specially crafted DHCP packets to a device, an attacker may be able to affect availability and integrity of the device. Adjacent network access, but no authentication and no user interaction is needed to conduct this attack. At the time of advisory publication no public exploitation of this security vulnerability was known.", "id": "GHSA-jpvr-c9fc-2r4h", "modified": "2024-02-13T09:30:20Z", "published": "2022-05-24T17:06:47Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13939" }, { "type": "WEB", "url": "https://cert-portal.siemens.com/productcert/html/ssa-162506.html" }, { "type": "WEB", "url": "https://cert-portal.siemens.com/productcert/html/ssa-434032.html" }, { "type": "WEB", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf" }, { "type": "WEB", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf" }, { "type": "WEB", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06" }, { "type": "WEB", "url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-06" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "type": "CVSS_V3" } ] }
ssa-434032
Vulnerability from csaf_siemens
Notes
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)", "tlp": { "label": "WHITE" } }, "lang": "en", "notes": [ { "category": "summary", "text": "The DHCP implementation of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) contains a vulnerability that could allow an attacker to change the IP address of an affected device to an invalid value.\n\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.", "title": "Summary" }, { "category": "general", "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", "title": "General Recommendations" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "legal_disclaimer", "text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). 
To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "productcert@siemens.com", "name": "Siemens ProductCERT", "namespace": "https://www.siemens.com" }, "references": [ { "category": "self", "summary": "SSA-434032: Input Validation Vulnerability in the DHCP Client of Nucleus RTOS - HTML Version", "url": "https://cert-portal.siemens.com/productcert/html/ssa-434032.html" }, { "category": "self", "summary": "SSA-434032: Input Validation Vulnerability in the DHCP Client of Nucleus RTOS - CSAF Version", "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-434032.json" }, { "category": "self", "summary": "SSA-434032: Input Validation Vulnerability in the DHCP Client of Nucleus RTOS - PDF Version", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf" }, { "category": "self", "summary": "SSA-434032: Input Validation Vulnerability in the DHCP Client of Nucleus RTOS - TXT Version", "url": "https://cert-portal.siemens.com/productcert/txt/ssa-434032.txt" } ], "title": "SSA-434032: Input Validation Vulnerability in the DHCP Client of Nucleus RTOS", "tracking": { "current_release_date": "2024-02-13T00:00:00Z", "generator": { "engine": { "name": "Siemens ProductCERT CSAF Generator", "version": "1" } }, "id": "SSA-434032", "initial_release_date": "2019-11-12T00:00:00Z", "revision_history": [ { "date": "2019-11-12T00:00:00Z", "legacy_version": "1.0", "number": "1", "summary": "Publication Date" }, { "date": "2024-02-13T00:00:00Z", "legacy_version": "1.1", "number": "2", "summary": "Consolidated list of products; renamed Capital VSTAR 
to Capital Embedded AR Classic; added fix and mitigation for Capital Embedded AR Classic; added CVSSv4.0 vector and score" } ], "status": "interim", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "Capital Embedded AR Classic 431-422", "product_id": "1" } } ], "category": "product_name", "name": "Capital Embedded AR Classic 431-422" }, { "branches": [ { "category": "product_version_range", "name": "\u003cV2303", "product": { "name": "Capital Embedded AR Classic R20-11", "product_id": "2" } } ], "category": "product_name", "name": "Capital Embedded AR Classic R20-11" }, { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "Nucleus NET", "product_id": "3" } } ], "category": "product_name", "name": "Nucleus NET" }, { "branches": [ { "category": "product_version_range", "name": "\u003cV2017.02.3", "product": { "name": "Nucleus ReadyStart V3", "product_id": "4" } } ], "category": "product_name", "name": "Nucleus ReadyStart V3" }, { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "Nucleus Source Code", "product_id": "5" } } ], "category": "product_name", "name": "Nucleus Source Code" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-13939", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value.", "title": "Summary" } ], "product_status": { "known_affected": [ "1", "2", "3", "4", "5" ] }, "remediations": [ { "category": "mitigation", "details": "Avoid using DHCP Client of Nucleus NET", "product_ids": [ "1", "2", "3", "4", "5" ] }, { "category": "mitigation", "details": "Contact customer support or your local 
Nucleus Sales team for mitigation advice", "product_ids": [ "3" ] }, { "category": "mitigation", "details": "Disable DHCP client functionality, if feature not used, by deselecting the TcpIpIpV4General/TcpIpDhcpClientEnabled Pre-Compile configuration option", "product_ids": [ "1", "2" ] }, { "category": "mitigation", "details": "Update to the latest version of Nucleus ReadyStart V3 or V4", "product_ids": [ "3" ] }, { "category": "no_fix_planned", "details": "Currently no fix is planned", "product_ids": [ "3" ] }, { "category": "none_available", "details": "Currently no fix is available", "product_ids": [ "1" ] }, { "category": "vendor_fix", "details": "Update to V2017.02.3 or later version", "product_ids": [ "4" ] }, { "category": "vendor_fix", "details": "Update to V2303 or later version", "product_ids": [ "2" ] }, { "category": "vendor_fix", "details": "Contact customer support to receive patch and update information", "product_ids": [ "5" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1", "2", "3", "4", "5" ] } ], "title": "CVE-2019-13939" } ] }
gsd-2019-13939
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2019-13939", "description": "A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions \u003c V2.8.2), APOGEE PXC Series (BACnet) (All versions \u003e= V3.0), APOGEE PXC Series (P2) (All versions \u003e= V2.8.2), Desigo PXC (Power PC) (All versions \u003e= V2.3x and \u003c V6.00.327), Desigo PXM20 (Power PC) (All versions \u003e= V2.3x and \u003c V6.00.327), Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions \u003c V2017.02.2 with patch \"Nucleus 2017.02.02 Nucleus NET Patch\"), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions \u003c= V0.3.0.95), TALON TC Series (BACnet) (All versions \u003e= V3.0), VSTAR (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. The vulnerability could affect availability and integrity of the device. 
Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack.", "id": "GSD-2019-13939" }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2019-13939" ], "details": "A vulnerability has been identified in APOGEE MEC/MBC/PXC (P2) (All versions \u003c V2.8.2), APOGEE PXC Series (BACnet) (All versions \u003c V3.5.3), APOGEE PXC Series (P2) (All versions \u003e= V2.8.2 and \u003c V2.8.19), Desigo PXC00-E.D (All versions \u003e= V2.3x and \u003c V6.00.327), Desigo PXC00-U (All versions \u003e= V2.3x and \u003c V6.00.327), Desigo PXC001-E.D (All versions \u003e= V2.3x and \u003c V6.00.327), Desigo PXC100-E.D (All versions \u003e= V2.3x and \u003c V6.00.327), Desigo PXC12-E.D (All versions \u003e= V2.3x and \u003c V6.00.327), Desigo PXC128-U (All versions \u003e= V2.3x and \u003c V6.00.327), Desigo PXC200-E.D (All versions \u003e= V2.3x and \u003c V6.00.327), Desigo PXC22-E.D (All versions \u003e= V2.3x and \u003c V6.00.327), Desigo PXC22.1-E.D (All versions \u003e= V2.3x and \u003c V6.00.327), Desigo PXC36.1-E.D (All versions \u003e= V2.3x and \u003c V6.00.327), Desigo PXC50-E.D (All versions \u003e= V2.3x and \u003c V6.00.327), Desigo PXC64-U (All versions \u003e= V2.3x and \u003c V6.00.327), Desigo PXM20-E (All versions \u003e= V2.3x and \u003c V6.00.327), Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions \u003c V2017.02.2 with patch \"Nucleus 2017.02.02 Nucleus NET Patch\"), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), SIMOTICS CONNECT 400 (All versions \u003c V0.3.0.330), TALON TC Series (BACnet) (All versions \u003c V3.5.3), VSTAR (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. 
The vulnerability could affect availability and integrity of the device. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack.", "id": "GSD-2019-13939", "modified": "2023-12-13T01:23:41.822225Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "productcert@siemens.com", "ID": "CVE-2019-13939", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Capital Embedded AR Classic 431-422", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "0", "version_value": "*" } ] } }, { "product_name": "Capital Embedded AR Classic R20-11", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "0", "version_value": "V2303" } ] } }, { "product_name": "Nucleus NET", "version": { "version_data": [ { "version_affected": "=", "version_value": "All versions" } ] } }, { "product_name": "Nucleus ReadyStart V3", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "0", "version_value": "V2017.02.3" } ] } }, { "product_name": "Nucleus Source Code", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "0", "version_value": "*" } ] } } ] }, "vendor_name": "Siemens" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions \u003c V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus Source Code (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value." 
} ] }, "impact": { "cvss": [ { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C", "version": "3.1" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "cweId": "CWE-20", "lang": "eng", "value": "CWE-20: Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06" }, { "name": "https://cert-portal.siemens.com/productcert/html/ssa-434032.html", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/html/ssa-434032.html" }, { "name": "https://cert-portal.siemens.com/productcert/html/ssa-162506.html", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/html/ssa-162506.html" } ] } }, "nvd.nist.gov": { "cve": { "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:siemens:capital_vstar:*:*:*:*:*:*:*:*", "matchCriteriaId": "3EC45D63-0FB7-4995-AF45-B41F6EF6A9E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:siemens:nucleus_net:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A987CFB-4A41-4F82-8C7F-31DE8F0650DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:siemens:nucleus_readystart:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE16530A-D354-43A0-A2C7-DB312646C69C", "versionEndExcluding": "2017.02.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:siemens:nucleus_safetycert:*:*:*:*:*:*:*:*", "matchCriteriaId": "7ED0DBA9-FFB1-407C-8429-BCD24DCB33FF", "vulnerable": true }, { "criteria": "cpe:2.3:a:siemens:nucleus_source_code:*:*:*:*:*:*:*:*", 
"matchCriteriaId": "07DAF9C3-B56A-4F40-B90B-D0DE96869A44", "vulnerable": true }, { "criteria": "cpe:2.3:o:siemens:nucleus_rtos:*:*:*:*:*:*:*:*", "matchCriteriaId": "485540AD-9966-49B0-AC24-BEFE81C4D4E3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:apogee_modular_equiment_controller_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8240E52-8D3B-40AF-944F-5AD993279B07", "versionEndExcluding": "2.8.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:apogee_modular_equiment_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "7945BF7D-AB3A-4285-9C58-D56149ADFC15", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:apogee_modular_building_controller_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "217F3116-5F09-4D60-BD65-8960401434AF", "versionEndExcluding": "2.8.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:apogee_modular_building_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5F978E7-3DD9-4948-BFFB-E7273003477B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:apogee_pxc_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1206DD28-16D8-4F71-BABA-FDCE3CD9A91D", "versionEndIncluding": "2.8.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:apogee_pxc:-:*:*:*:*:*:*:*", "matchCriteriaId": "B73DAA70-4CFB-4E63-ADC7-EC8A93E0BBBB", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:desigo_pxc_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "741E43A3-43D1-4ECF-915A-92E035FF8903", "versionStartIncluding": "2.3", "vulnerable": true } 
], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:desigo_pxc:-:*:*:*:*:*:*:*", "matchCriteriaId": "D8ED54EF-1BAB-465B-A4D1-E779F63CF4F0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:desigo_pxm20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "669CAA1B-9E47-4331-8E1F-92D562F3CFF2", "versionStartIncluding": "2.3", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:desigo_pxm20:-:*:*:*:*:*:*:*", "matchCriteriaId": "408DD298-FAC6-45E6-BF04-832C16B13927", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:simotics_connect_400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E01F98E1-441B-48CC-90FC-E9391D65844E", "versionEndIncluding": "0.3.0.95", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:simotics_connect_400:-:*:*:*:*:*:*:*", "matchCriteriaId": "48BFF9EF-D1C1-4107-8D1E-51315C03FFF0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:talon_tc_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7EC32195-D888-4A8B-AC77-D0C98A83E88A", "versionStartIncluding": "3.0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:talon_tc:-:*:*:*:*:*:*:*", "matchCriteriaId": "F30FF737-174E-4760-A454-1DD174B4C966", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:desigo_pxc00-e.d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC441789-6954-48E7-9A42-1A2993C93066", "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "negate": false, "operator": "OR" 
}, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:desigo_pxc00-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1727849-2FD8-40A2-91D3-E0C9662B45BC", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:desigo_pxc00-u_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E396F519-8055-486E-A2DB-F9E6DD5B1E2D", "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:desigo_pxc00-u:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD39D011-8AE2-46FE-9207-C110E2FBC07C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:desigo_pxc001-e.d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8ACD8296-AC32-42CE-8B8D-A3F6FFD7A869", "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:desigo_pxc001-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "DCC50C13-FA05-4459-BA1E-482D886B842B", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:desigo_pxc12-e.d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F6B65BC2-7D65-4216-8B3A-773825297CFE", "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:desigo_pxc12-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDA404C0-FD6D-47CC-950C-E5DCC993C8E6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:desigo_pxc22-e.d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C4CDD0E-FAB0-4F44-96AB-9ADDEFB456EC", "versionEndExcluding": "6.00.327", 
"versionStartIncluding": "2.3.0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:desigo_pxc22-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A4D84CE-07AB-4305-9C48-54392772D4EB", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:desigo_pxc22.1-e.d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5B66D45-3F60-469D-ADF6-ECB02567970C", "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:desigo_pxc22.1-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E67F374-BF75-4334-A6D5-AB570E0A70D8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:desigo_pxc36.1-e.d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1C11C33-5757-44C5-9CC2-4BC3F287DD75", "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:desigo_pxc36.1-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "1CA7EF94-2EE2-4B53-A544-F675306DF84F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:desigopxc50-e.d_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "93AC0E5C-5A08-43E4-88E5-7681755126F0", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:desigopxc50-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F2D5B24-63B5-41C8-B20B-98699C4979F9", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:desigopxc64-u_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "BCB6399E-E7BD-4469-8166-B03B74E421BE", 
"vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:desigopxc64-u:-:*:*:*:*:*:*:*", "matchCriteriaId": "980885C3-B98A-4AC9-AB86-A8BBFF23F37D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:desigopxc100-e.d_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F9118355-1BBC-43C7-9923-0F8FAEA70D40", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:desigopxc100-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "93E5FEC8-EAE9-4235-91EE-FE68CCE19C43", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:desigopxc128-u_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD7B8DC6-A346-4D4B-B6F6-9831E7D1F999", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:desigopxc128-u:-:*:*:*:*:*:*:*", "matchCriteriaId": "BF17316C-DDD6-42F9-A147-6729632D9902", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:desigopxc200-e.d_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED820905-73EA-41F8-A2C5-17CD6BCF1707", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:desigopxc200-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "E05F84E0-808C-4C40-9D50-9BE0117B791E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:siemens:desigopxm20-e_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2EFE56A4-408F-4807-A76D-B54AD9C85C28", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:siemens:desigopxm20-e:-:*:*:*:*:*:*:*", "matchCriteriaId": 
"162C32E8-05CD-40A2-AB56-17CE4D85842F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions \u003c V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus Source Code (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value." }, { "lang": "es", "value": "Se ha identificado una vulnerabilidad en APOGEE MEC/MBC/PXC (P2) (Todas las versiones anteriores a V2.8.2), APOGEE PXC Series (BACnet) (Todas las versiones anteriores a V3.5.3), APOGEE PXC Series (P2) (Todas las versiones posteriores o iguales a V2. 8.2 y anteriores a V2.8.19), Desigo PXC00-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC00-U (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC001-E. D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC100-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC12-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00. 327), Desigo PXC128-U (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC200-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC22-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00. 327), Desigo PXC22.1-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC36.1-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC50-E. 
D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC64-U (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXM20-E (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00. 327), Nucleus NET (Todas las versiones), Nucleus RTOS (Todas las versiones), Nucleus ReadyStart para ARM, MIPS y PPC (Todas las versiones anteriores a V2017.02.2 con parche \"Nucleus 2017.02. 02 Nucleus NET Patch\"), Nucleus SafetyCert (Todas las versiones), Nucleus Source Code (Todas las versiones), SIMOTICS CONNECT 400 (Todas las versiones anteriores a V0.3.0.330), TALON TC Series (BACnet) (Todas las versiones anteriores a V3.5.3), VSTAR (Todas las versiones). Al enviar paquetes DHCP especialmente dise\u00f1ados a un dispositivo donde el cliente DHCP est\u00e1 habilitado, un atacante podr\u00eda cambiar la direcci\u00f3n IP del dispositivo a un valor no v\u00e1lido. La vulnerabilidad podr\u00eda afectar a la disponibilidad e integridad del dispositivo. 
Se requiere acceso a la red adyacente, pero no se necesita autenticaci\u00f3n ni interacci\u00f3n del usuario para realizar un ataque" } ], "id": "CVE-2019-13939", "lastModified": "2024-02-13T09:15:42.770", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 6.5, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "productcert@siemens.com", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Secondary" } ] }, "published": "2020-01-16T16:15:16.277", "references": [ { "source": "productcert@siemens.com", "url": "https://cert-portal.siemens.com/productcert/html/ssa-162506.html" }, { "source": "productcert@siemens.com", "url": 
"https://cert-portal.siemens.com/productcert/html/ssa-434032.html" }, { "source": "productcert@siemens.com", "tags": [ "Vendor Advisory" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf" }, { "source": "productcert@siemens.com", "tags": [ "Vendor Advisory" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf" }, { "source": "productcert@siemens.com", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06" } ], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "productcert@siemens.com", "type": "Primary" }, { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Secondary" } ] } } } }
var-202001-1848
Vulnerability from variot
A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus Source Code (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. Several Siemens products contain input validation vulnerabilities. Information may be falsified and a denial-of-service (DoS) condition may result. Nucleus RTOS provides a highly scalable, microkernel-based, real-time operating system designed for scalability and reliability in systems spanning aerospace, industrial, and medical applications.
The Siemens Mentor Nucleus Networking Module has a security vulnerability. ** ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202001-1848", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "nucleus source code", "scope": "eq", "trust": 1.2, "vendor": "siemens", "version": "*" }, { "model": "nucleus safetycert", "scope": "eq", "trust": 1.2, "vendor": "siemens", "version": "*" }, { "model": "nucleus rtos", "scope": "eq", "trust": 1.2, "vendor": 
"siemens", "version": "*" }, { "model": "nucleus net", "scope": "eq", "trust": 1.2, "vendor": "siemens", "version": "*" }, { "model": "apogee pxc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "2.8.2" }, { "model": "desigopxc100-e.d", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "capital vstar", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "desigo pxm20", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.3" }, { "model": "desigopxm20-e", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "desigopxc128-u", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "desigo pxc00-e.d", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.00.327" }, { "model": "desigopxc200-e.d", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simotics connect 400", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "0.3.0.95" }, { "model": "desigo pxc00-e.d", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.3.0" }, { "model": "desigo pxc22-e.d", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.00.327" }, { "model": "desigo pxc", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.3" }, { "model": "desigo pxc36.1-e.d", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.3.0" }, { "model": "nucleus readystart", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2017.02.2" }, { "model": "desigopxc64-u", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "desigopxc50-e.d", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "talon tc", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "desigo pxc22.1-e.d", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.3.0" }, { "model": "apogee modular equiment controller", 
"scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.8.2" }, { "model": "desigo pxc12-e.d", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.3.0" }, { "model": "desigo pxc12-e.d", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.00.327" }, { "model": "desigo pxc22-e.d", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.3.0" }, { "model": "desigo pxc00-u", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.3.0" }, { "model": "apogee modular building controller", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.8.2" }, { "model": "desigo pxc00-u", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.00.327" }, { "model": "desigo pxc001-e.d", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.00.327" }, { "model": "desigo pxc001-e.d", "scope": "gte", "trust": 1.0, "vendor": "siemens", "version": "2.3.0" }, { "model": "desigo pxc22.1-e.d", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.00.327" }, { "model": "desigo pxc36.1-e.d", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "6.00.327" }, { "model": "nucleus net", "scope": "eq", "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "nucleus readystart", "scope": "eq", "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "nucleus safetycert", "scope": "eq", "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "nucleus source code", "scope": "eq", "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "vstar", "scope": "eq", "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "nucleus rtos", "scope": "eq", "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "nucleus net", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "nucleus rtos", "scope": 
null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "nucleus readystart for arm,mips,and ppc v2017.02.2", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "nucleus safetycert", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "nucleus source code", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "vstar", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "vstar", "scope": "eq", "trust": 0.2, "vendor": "siemens", "version": "*" }, { "model": "nucleus readystart for arm mips and ppc nucleus2017.02.02 nucleus net patch", "scope": "lt", "trust": 0.2, "vendor": "siemens", "version": "v2017.02.2()" } ], "sources": [ { "db": "IVD", "id": "40768cf9-1948-4815-8773-a73bf2de3c14" }, { "db": "CNVD", "id": "CNVD-2019-40512" }, { "db": "JVNDB", "id": "JVNDB-2019-014365" }, { "db": "NVD", "id": "CVE-2019-13939" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:nucleus_rtos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:nucleus_readystart:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2017.02.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:nucleus_source_code:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:nucleus_safetycert:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:nucleus_net:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:capital_vstar:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [ { 
"children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:apogee_modular_equiment_controller_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.8.2", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:apogee_modular_equiment_controller:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:apogee_modular_building_controller_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.8.2", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:apogee_modular_building_controller:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:apogee_pxc_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.8.2", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:apogee_pxc:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:desigo_pxc_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionStartIncluding": "2.3", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:desigo_pxc:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:desigo_pxm20_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionStartIncluding": "2.3", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": 
"cpe:2.3:h:siemens:desigo_pxm20:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simotics_connect_400_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "0.3.0.95", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simotics_connect_400:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:talon_tc_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionStartIncluding": "3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:talon_tc:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:desigo_pxc00-e.d_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:desigo_pxc00-e.d:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:desigo_pxc00-u_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:desigo_pxc00-u:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": 
"cpe:2.3:o:siemens:desigo_pxc001-e.d_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:desigo_pxc001-e.d:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:desigo_pxc12-e.d_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:desigo_pxc12-e.d:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:desigo_pxc22-e.d_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:desigo_pxc22-e.d:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:desigo_pxc22.1-e.d_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:desigo_pxc22.1-e.d:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:desigo_pxc36.1-e.d_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": 
true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:desigo_pxc36.1-e.d:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:desigopxc50-e.d_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:desigopxc50-e.d:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:desigopxc64-u_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:desigopxc64-u:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:desigopxc100-e.d_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:desigopxc100-e.d:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:desigopxc128-u_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:desigopxc128-u:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:desigopxc200-e.d_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { 
"cpe23Uri": "cpe:2.3:h:siemens:desigopxc200-e.d:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:desigopxm20-e_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:desigopxm20-e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2019-13939" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens reported this vulnerability to CISA.", "sources": [ { "db": "CNNVD", "id": "CNNVD-201911-1004" } ], "trust": 0.6 }, "cve": "CVE-2019-13939", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 4.8, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "impactScore": 4.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, 
"obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Adjacent Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 4.8, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2019-13939", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "CNVD-2019-40512", "impactScore": 7.8, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "id": "40768cf9-1948-4815-8773-a73bf2de3c14", "impactScore": 7.8, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:C", "version": "2.9 [IVD]" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "impactScore": 4.2, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, { 
"attackComplexity": "Low", "attackVector": "Adjacent Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.1, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2019-13939", "impactScore": null, "integrityImpact": "Low", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2019-13939", "trust": 1.8, "value": "HIGH" }, { "author": "productcert@siemens.com", "id": "CVE-2019-13939", "trust": 1.0, "value": "HIGH" }, { "author": "CNVD", "id": "CNVD-2019-40512", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201911-1004", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "40768cf9-1948-4815-8773-a73bf2de3c14", "trust": 0.2, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2019-13939", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "40768cf9-1948-4815-8773-a73bf2de3c14" }, { "db": "CNVD", "id": "CNVD-2019-40512" }, { "db": "VULMON", "id": "CVE-2019-13939" }, { "db": "JVNDB", "id": "JVNDB-2019-014365" }, { "db": "CNNVD", "id": "CNNVD-201911-1004" }, { "db": "NVD", "id": "CVE-2019-13939" }, { "db": "NVD", "id": "CVE-2019-13939" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions \u003c V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus Source Code (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value. 
Several Siemens products contain input validation vulnerabilities.Information is falsified and denial of service (DoS) May be in a state. Nucleus RTOS provides a highly scalable, microkernel-based, real-time operating system designed for scalability and reliability in systems spanning aerospace, industrial, and medical applications. \n\nThe Siemens Mentor Nucleus Networking Module has a security vulnerability. ** ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. Adjacent network access is required, but no authentication and no user interaction is needed to conduct an attack", "sources": [ { "db": "NVD", "id": "CVE-2019-13939" }, { "db": "JVNDB", "id": "JVNDB-2019-014365" }, { "db": "CNVD", "id": "CNVD-2019-40512" }, { "db": "IVD", "id": "40768cf9-1948-4815-8773-a73bf2de3c14" }, { "db": "VULMON", "id": "CVE-2019-13939" } ], "trust": 2.43 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-13939", "trust": 3.3 }, { "db": "SIEMENS", "id": "SSA-434032", "trust": 2.3 }, { "db": "SIEMENS", "id": "SSA-162506", "trust": 1.7 }, { "db": "ICS CERT", "id": "ICSA-20-105-06", "trust": 1.7 }, { "db": "CNVD", "id": "CNVD-2019-40512", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201911-1004", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-014365", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2019.4317", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.1316", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-19-318-01", "trust": 0.6 }, { "db": "IVD", "id": "40768CF9-1948-4815-8773-A73BF2DE3C14", "trust": 0.2 }, { "db": "VULMON", "id": "CVE-2019-13939", "trust": 0.1 } ], "sources": [ { "db": "IVD", 
"id": "40768cf9-1948-4815-8773-a73bf2de3c14" }, { "db": "CNVD", "id": "CNVD-2019-40512" }, { "db": "VULMON", "id": "CVE-2019-13939" }, { "db": "JVNDB", "id": "JVNDB-2019-014365" }, { "db": "CNNVD", "id": "CNNVD-201911-1004" }, { "db": "NVD", "id": "CVE-2019-13939" } ] }, "id": "VAR-202001-1848", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "40768cf9-1948-4815-8773-a73bf2de3c14" }, { "db": "CNVD", "id": "CNVD-2019-40512" } ], "trust": 1.35855882 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "40768cf9-1948-4815-8773-a73bf2de3c14" }, { "db": "CNVD", "id": "CNVD-2019-40512" } ] }, "last_update_date": "2024-02-13T22:51:34.656000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-434032", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf" }, { "title": "Patch for Unknown vulnerability in Siemens Mentor Nucleus Networking Module", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/189921" }, { "title": "Siemens Mentor Nucleus Multiple module input verification error vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=102969" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=1d3485226953a78b85a97370300ecdef" }, { 
"title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=ac20b09bb530d9b8d4b71cc160e36049" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-40512" }, { "db": "VULMON", "id": "CVE-2019-13939" }, { "db": "JVNDB", "id": "JVNDB-2019-014365" }, { "db": "CNNVD", "id": "CNNVD-201911-1004" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.0 }, { "problemtype": "Incorrect input confirmation (CWE-20) [NVD Evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-014365" }, { "db": "NVD", "id": "CVE-2019-13939" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf" }, { "trust": 2.3, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13939" }, { "trust": 1.2, "url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-06" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-162506.html" }, { "trust": 1.0, "url": "https://cert-portal.siemens.com/productcert/html/ssa-434032.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.1316/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.4317/" }, { "trust": 0.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-318-01" }, { "trust": 0.1, "url": 
"https://cwe.mitre.org/data/definitions/.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-105-06" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-40512" }, { "db": "VULMON", "id": "CVE-2019-13939" }, { "db": "JVNDB", "id": "JVNDB-2019-014365" }, { "db": "CNNVD", "id": "CNNVD-201911-1004" }, { "db": "NVD", "id": "CVE-2019-13939" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "40768cf9-1948-4815-8773-a73bf2de3c14" }, { "db": "CNVD", "id": "CNVD-2019-40512" }, { "db": "VULMON", "id": "CVE-2019-13939" }, { "db": "JVNDB", "id": "JVNDB-2019-014365" }, { "db": "CNNVD", "id": "CNNVD-201911-1004" }, { "db": "NVD", "id": "CVE-2019-13939" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-11-14T00:00:00", "db": "IVD", "id": "40768cf9-1948-4815-8773-a73bf2de3c14" }, { "date": "2019-11-14T00:00:00", "db": "CNVD", "id": "CNVD-2019-40512" }, { "date": "2020-01-16T00:00:00", "db": "VULMON", "id": "CVE-2019-13939" }, { "date": "2020-02-12T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-014365" }, { "date": "2019-11-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201911-1004" }, { "date": "2020-01-16T16:15:16.277000", "db": "NVD", "id": "CVE-2019-13939" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-11-14T00:00:00", "db": "CNVD", "id": "CNVD-2019-40512" }, { "date": "2022-04-12T00:00:00", "db": "VULMON", "id": "CVE-2019-13939" }, { "date": "2020-02-12T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-014365" }, { "date": "2022-05-23T00:00:00", "db": "CNNVD", "id": "CNNVD-201911-1004" }, { "date": "2024-02-13T09:15:42.770000", "db": "NVD", "id": "CVE-2019-13939" } ] 
}, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201911-1004" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation vulnerabilities in multiple Siemens products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-014365" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation error", "sources": [ { "db": "IVD", "id": "40768cf9-1948-4815-8773-a73bf2de3c14" }, { "db": "CNNVD", "id": "CNNVD-201911-1004" } ], "trust": 0.8 } }
Sightings
Author | Source | Type | Date
---|---|---|---
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.