cve-2019-13940
Vulnerability from cvelistv5
Published
2020-02-11 15:36
Modified
2024-08-05 00:05
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.1), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.X.17), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinAC RTX F 2010 (All versions), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17). Affected devices contain a vulnerability that could cause a denial of service condition of the web server
by sending specially crafted HTTP requests to ports 80/tcp and 443/tcp.
Beyond the web service, no other functions or interfaces are affected by the denial of service condition.
References
▼ | URL | Tags | |
---|---|---|---|
productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-431678.pdf | Vendor Advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T00:05:44.018Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-431678.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM154-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM154-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200pro IM154-8FX PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200S IM151-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC ET 200S IM151-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V4.1" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 314C-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 315T-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317T-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 317TF-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 319-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-300 CPU 319F-3 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIMATIC WinAC RTX F 2010", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200S IM151-8 PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS ET 200S IM151-8F PN/DP CPU", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 314C-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 315-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 315F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 317-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] }, { "defaultStatus": "unknown", "product": "SIPLUS S7-300 CPU 317F-2 PN/DP", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.X.17" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions \u003c V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions \u003c V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions \u003c V3.X.17), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions \u003c V3.X.17), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions \u003c V3.X.17), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.1), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 315-2 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 317-2 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 319-3 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinAC RTX F 2010 (All versions), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions \u003c V3.X.17), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions \u003c V3.X.17), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions \u003c V3.X.17), SIPLUS S7-300 CPU 315-2 PN/DP (All versions \u003c V3.X.17), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions \u003c V3.X.17), SIPLUS S7-300 CPU 317-2 PN/DP (All versions \u003c V3.X.17), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions \u003c V3.X.17). Affected devices contain a vulnerability that could cause a denial of service condition of the web server\r\nby sending specially crafted HTTP requests to ports 80/tcp and 443/tcp.\r\n\r\nBeyond the web service, no other functions or interfaces are affected by the denial of service condition." } ], "metrics": [ { "cvssV3_1": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-10T11:39:13.999Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-431678.pdf" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2019-13940", "datePublished": "2020-02-11T15:36:10", "dateReserved": "2019-07-18T00:00:00", "dateUpdated": "2024-08-05T00:05:44.018Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2019-13940\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2020-02-11T16:15:14.773\",\"lastModified\":\"2023-11-07T03:04:28.763\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions \u003c V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions \u003c V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions \u003c V3.X.17), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions \u003c V3.X.17), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions \u003c V3.X.17), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.1), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 315-2 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 317-2 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 319-3 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions \u003c V3.X.17), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinAC RTX F 2010 (All versions), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions \u003c V3.X.17), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions \u003c V3.X.17), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions \u003c V3.X.17), SIPLUS S7-300 CPU 315-2 PN/DP (All versions \u003c V3.X.17), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions \u003c V3.X.17), SIPLUS S7-300 CPU 317-2 PN/DP (All versions \u003c V3.X.17), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions \u003c V3.X.17). Affected devices contain a vulnerability that could cause a denial of service condition of the web server\\r\\nby sending specially crafted HTTP requests to ports 80/tcp and 443/tcp.\\r\\n\\r\\nBeyond the web service, no other functions or interfaces are affected by the denial of service condition.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en la familia de CPUs SIMATIC S7-1200 (incluidas las variantes SIPLUS) (Todas las versiones anteriores a V4.1), la familia de CPUs SIMATIC S7-300 PN/DP (incluidas las CPUs ET200 relacionadas y las variantes SIPLUS) (Todas las versiones anteriores a V3.X.17 ), familia de CPU SIMATIC S7-400 PN/DP V6 e inferiores (incl. variantes SIPLUS) (Todas las versiones), familia de CPU SIMATIC S7-400 PN/DP V7 (incl. variantes SIPLUS) (Todas las versiones), SIMATIC WinAC RTX (F) 2010 (Todas las versiones). Los dispositivos afectados contienen una vulnerabilidad que podr\u00eda causar una condici\u00f3n de denegaci\u00f3n de servicio del servidor web mediante el env\u00edo de peticiones HTTP especialmente dise\u00f1adas a los puertos 80/tcp y 443/tcp. La vulnerabilidad de seguridad podr\u00eda ser explotada por un atacante con acceso a la red de un dispositivo afectado. La explotaci\u00f3n exitosa no requiere privilegios del sistema ni interacci\u00f3n del usuario. Un atacante podr\u00eda utilizar la vulnerabilidad para comprometer la disponibilidad del servidor web del dispositivo. Aparte del servicio web, no hay otras funciones o interfaces afectadas por la condici\u00f3n de denegaci\u00f3n de servicio\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:s7-1200_cpu_1211c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1\",\"matchCriteriaId\":\"E9437AAD-4048-40DD-9744-E1D6D674F6E0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:s7-1200_cpu_1211c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61C1E689-5C2F-4EA6-8908-F4DE80F0DC15\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:s7-1200_cpu_1212c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1\",\"matchCriteriaId\":\"E3819941-7F6C-44F0-A91D-76AA0EF80108\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:s7-1200_cpu_1212c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F64C2324-903C-4D44-A882-DAFAC6D72A41\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:s7-1200_cpu_1214c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1\",\"matchCriteriaId\":\"E1E3D84C-3367-4B6F-BF7C-DD4D2C91D79A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:s7-1200_cpu_1214c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C0D9EA6-F503-4EF3-A59E-E9DD27194C6D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:s7-1200_cpu_1215c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1\",\"matchCriteriaId\":\"4DC7EE33-D833-4D19-82B7-02D0A8DA99C5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:s7-1200_cpu_1215c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1885A3FE-DB40-47B7-AC89-1D778F702E2A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:s7-1200_cpu_1217c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1\",\"matchCriteriaId\":\"057D3C0B-19CB-4CEE-9CE1-75F1E2B9F7B6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:s7-1200_cpu_1217c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C66C66F8-8A06-4BA0-A2E2-82889778C0FA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:s7-1200_cpu_1212fc_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1\",\"matchCriteriaId\":\"21ACBE3A-6B9B-47E0-AF50-95E5FF17F811\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:s7-1200_cpu_1212fc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44D5089B-413A-4829-A035-8E2852C41291\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:s7-1200_cpu_1214fc_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1\",\"matchCriteriaId\":\"2A80C325-BA66-413E-AB52-E75AE78E14B9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:s7-1200_cpu_1214fc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72240379-74FC-4C3C-A31B-BFEEADB8FFFD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:s7-1200_cpu_1215fc_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1\",\"matchCriteriaId\":\"23DD97D0-C6DC-4745-AA0A-1F636B5B805C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:s7-1200_cpu_1215fc:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3B5BEF3-84FF-4D05-A010-94A8E2593E2E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_s7-1200_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1\",\"matchCriteriaId\":\"5091C8D1-D15F-4632-95B9-5D7811CE6554\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_s7-1200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"108670FB-BE27-4961-8CCB-07E1FF93624D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_cpu_1211c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1\",\"matchCriteriaId\":\"B091889A-AC6B-4301-815C-530F1D6D5238\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_cpu_1211c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"658D85DE-D124-4452-8540-D0A165FF79EA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_cpu_1212c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1\",\"matchCriteriaId\":\"DB20B434-8AA7-4DFC-9C7B-2C778C54D9D3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_cpu_1212c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED7AE1F6-A1D2-40AF-BDDD-5D3913D75833\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_cpu_1214c_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.1\",\"matchCriteriaId\":\"9D4C79E6-052B-47F2-BCDA-D8A792B7D0EE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_cpu_1214c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC520E65-87BF-41FB-BE5B-0D309F42FD50\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_cpu_1215c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1\",\"matchCriteriaId\":\"C742F31E-66A8-4781-A4EF-881C4E45190E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_cpu_1215c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"889E0984-9116-4928-ABD0-12FC92079B22\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-300_cpu_319-3_pn\\\\/dp_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3143965-3A6D-4EFD-9DF4-A341DFE0E922\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-300_cpu_319-3_pn\\\\/dp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7167E5B0-D278-4F63-B5CD-39DBDF336089\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-300_cpu_315-2dp_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A1557AE-0F0A-4EA8-AE26-779E8C98336F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-300_cpu_315-2dp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEB6DA13-FD4E-4168-A08A-00547E656CA1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-300_cpu_315-2_pn\\\\/dp_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4309A70D-5C4C-4F03-A5C6-1735AEE0E410\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-300_cpu_315-2_pn\\\\/dp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A773F92D-E5C0-4B51-8214-19BFE6BC7638\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-300_cpu_317-2_dp_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0B56C44-3148-4612-9543-9F96DF0142A6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-300_cpu_317-2_dp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7593F136-F558-4C3D-8429-5141A621981B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-300_cpu_317-2_pn\\\\/dp_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3677E3F-ABFE-4D77-96CF-68E58FF45CF1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-300_cpu_317-2_pn\\\\/dp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A340DA65-BA46-4F72-8951-93135F9F6602\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-300_cpu_319-3_pn\\\\/dp_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3143965-3A6D-4EFD-9DF4-A341DFE0E922\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-300_cpu_319-3_pn\\\\/dp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7167E5B0-D278-4F63-B5CD-39DBDF336089\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_s7-300_cpu_314_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B922AD6-819B-4D7F-A31A-E4D39CE8DC6A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_s7-300_cpu_314:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88F00AE1-D55A-4C7C-A421-2B89BDFE4C9D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_s7-300_cpu_315-2_dp_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A94629F5-6569-406C-8E8E-990F2E21B0A0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_s7-300_cpu_315-2_dp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D038857-CED3-4312-9B86-36DC10A0398F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_s7-300_cpu_315-2_pn\\\\/dp_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B093DE9C-1E39-4CF3-89B9-6A2B678A477E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_s7-300_cpu_315-2_pn\\\\/dp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FC6FF34-3155-4CF8-88D5-4EAE00B32163\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:siplus_s7-300_cpu_317-2_pn\\\\/dp_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3844D023-F67B-41B4-8B9E-EAF8B79E9209\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:siplus_s7-300_cpu_317-2_pn\\\\/dp:v6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A5CDFEA-E5F2-419F-A1B3-D98C44D38D84\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:simatic_s7-400_pn\\\\/dp_cpu_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2ECD08DA-16E8-4C33-A07B-DA1EACADAF70\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:simatic_s7-400_pn\\\\/dp_cpu:v7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A07D125-F671-40E6-8E9C-6E13F7E00ADD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_winac_rtx_\\\\(f\\\\)_2010:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5537D556-046A-444A-9AB6-B4F9AA121CF1\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-431678.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.