CVE-2019-19282 (GCVE-0-2019-19282)

Vulnerability from cvelistv5 – Published: 2020-03-10 19:16 – Updated: 2024-08-05 02:09
VLAI?
Summary
A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions < V8.2 Upd12), SIMATIC BATCH V9.0 (All versions < V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions < V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions < V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition. Successful exploitation requires no system privileges and no user interaction.
Severity ?
7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C
CWE
  • CWE-131 - Incorrect Calculation of Buffer Size
Assigner
References
Impacted products
Vendor Product Version
Siemens OpenPCS 7 V8.1 Affected: All versions
Create a notification for this product.
    Siemens OpenPCS 7 V8.2 Affected: All versions
Create a notification for this product.
    Siemens OpenPCS 7 V9.0 Affected: All versions < V9.0 Upd3
Create a notification for this product.
    Siemens SIMATIC BATCH V8.1 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC BATCH V8.2 Affected: All versions < V8.2 Upd12
Create a notification for this product.
    Siemens SIMATIC BATCH V9.0 Affected: All versions < V9.0 SP1 Upd5
Create a notification for this product.
    Siemens SIMATIC NET PC Software V14 Affected: All versions < V14 SP1 Update 14
Create a notification for this product.
    Siemens SIMATIC NET PC Software V15 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC NET PC Software V16 Affected: All versions < V16 Update 1
Create a notification for this product.
    Siemens SIMATIC PCS 7 V8.1 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC PCS 7 V8.2 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC PCS 7 V9.0 Affected: All versions < V9.0 SP3
Create a notification for this product.
    Siemens SIMATIC Route Control V8.1 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC Route Control V8.2 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC Route Control V9.0 Affected: All versions < V9.0 Upd4
Create a notification for this product.
    Siemens SIMATIC WinCC (TIA Portal) V13 Affected: All versions < V13 SP2
Create a notification for this product.
    Siemens SIMATIC WinCC (TIA Portal) V14 Affected: All versions < V14 SP1 Update 10
Create a notification for this product.
    Siemens SIMATIC WinCC (TIA Portal) V15.1 Affected: All versions < V15.1 Update 5
Create a notification for this product.
    Siemens SIMATIC WinCC (TIA Portal) V16 Affected: All versions < V16 Update 1
Create a notification for this product.
    Siemens SIMATIC WinCC V7.3 Affected: All versions
Create a notification for this product.
    Siemens SIMATIC WinCC V7.4 Affected: All versions < V7.4 SP1 Update 14
Create a notification for this product.
    Siemens SIMATIC WinCC V7.5 Affected: All versions < V7.5 SP1 Update 1
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:09:39.657Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "OpenPCS 7 V8.1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "OpenPCS 7 V8.2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "OpenPCS 7 V9.0",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V9.0 Upd3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC BATCH V8.1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC BATCH V8.2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V8.2 Upd12"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC BATCH V9.0",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V9.0 SP1 Upd5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC NET PC Software V14",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP1 Update 14"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC NET PC Software V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC NET PC Software V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC PCS 7 V8.1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC PCS 7 V8.2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC PCS 7 V9.0",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V9.0 SP3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Route Control V8.1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Route Control V8.2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Route Control V9.0",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V9.0 Upd4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC (TIA Portal) V13",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V13 SP2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC (TIA Portal) V14",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP1 Update 10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC (TIA Portal) V15.1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC (TIA Portal) V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC V7.3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC V7.4",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.4 SP1 Update 14"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC V7.5",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.5 SP1 Update 1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions \u003c V8.2 Upd12), SIMATIC BATCH V9.0 (All versions \u003c V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions \u003c V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions \u003c V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions \u003c V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition.\nSuccessful exploitation requires no system privileges and no user interaction."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-131",
              "description": "CWE-131: Incorrect Calculation of Buffer Size",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-11T09:01:49.748Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-19282",
    "datePublished": "2020-03-10T19:16:17",
    "dateReserved": "2019-11-26T00:00:00",
    "dateUpdated": "2024-08-05T02:09:39.657Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:openpcs_7:9.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"1CBF717A-B2D4-459C-894A-65622570645D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:openpcs_7:9.0_update_1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"957DDF70-1837-4E92-A707-944AD6ED4304\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_batch:9.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"E54F6E83-C353-44FB-9F37-C03DA344A5DC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_batch:9.0:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E19D98B-B40A-4589-8C26-7722C25EEC63\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"85CDD274-B2B4-4DB0-9917-C16B5D900006\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B435D51-FFA2-4F19-9B51-404BB37D7F0D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"AFBBC7D6-D1D4-452E-A744-B490CF002354\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"98BC62E3-4C0B-481A-9274-B9C785F8FDC5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"16\", \"matchCriteriaId\": \"744B5953-511F-42CA-80A0-DBE36A6AA144\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"496E3C43-5DA8-4983-8AC6-0F32454E22F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_pcs_7:8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"858628AC-EA69-4D72-AE23-77A4A8DE2547\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_pcs_7:8.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4A75F15-8F47-4348-A85C-D94BBA8F9992\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_pcs_7:9.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"A42E3FB0-6C66-4702-BDC8-39EEA54B5C0F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_pcs_7:9.0:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7AA0E077-AB19-473B-9454-8FED7188A2C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_pcs_7:9.0:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"19EA3CAD-E7CB-412F-A2EA-86A81EC25425\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_route_control:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"9.0\", \"matchCriteriaId\": \"885BA05F-BD8F-4DE9-BDD3-6C2C76418B05\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_route_control:9.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"57073CE8-174E-429D-A721-AB14C7D16D4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B0BD5DE-C6EF-4B89-831B-DA34DB0D68F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"2637C346-8AAF-481F-AFB0-BAD4254D14F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"9589FF11-4F9B-40F6-A6C6-55405B9EE351\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_10:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DB57B3A-C3B6-4E61-9DAE-B12CEA8CD093\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_11:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA6B2933-9C44-480C-96DC-6DF8C88950AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_12:*:*:*:*:*:*\", \"matchCriteriaId\": \"45097864-DD87-4587-997B-792F0175472B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_13:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FB24A30-0F93-430D-817E-05E4594C8823\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"25237B9A-2E51-4F17-BD75-04D245CCC51D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"90643D49-9EFC-4B9A-99C8-266135DF2E00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC4D7B24-91FF-4891-ABC3-683A6C72ADDA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_5:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1DD77A4-1716-4793-AD73-79D04E3D2AEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_6:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E667123-6909-4DF2-8CEB-6E87E9FC48BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_7:*:*:*:*:*:*\", \"matchCriteriaId\": \"04A5C76A-5D6D-47F8-BEF7-503F9A89AD18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_8:*:*:*:*:*:*\", \"matchCriteriaId\": \"E776629C-904C-49D6-BF3F-8520FA7D5DFA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_9:*:*:*:*:*:*\", \"matchCriteriaId\": \"805DAA15-03A3-4F63-90F7-EA130E5136F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"E79DA14E-419C-49BA-8E4F-2907E1D8937F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:-:*:*:*:*:*\", \"matchCriteriaId\": \"00A48A8E-C112-4778-8A7B-2386E88A0177\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:7.5.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3D10C7E-5FD5-4B37-884B-B450DE5F800B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:13:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D9FE447-2090-47D2-8667-5DC7605089BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:13:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB4FFADC-51F0-439F-9F80-D2B2614FFC39\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:14.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE5A7162-F1B5-4E74-99D6-4108AC4C49FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:15.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"50B77C2A-4D66-4407-8CA4-99C43ED72DDB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:15.1:update_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"9794ED7E-EB17-4C95-B900-840A48758F03\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:15.1:update_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"57E82CFE-4191-4055-A0BA-EAB7BE96D947\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:15.1:update_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"C4DBBDAA-BCAE-4B63-BDFC-3DD70DAD9B7D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:15.1:update_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5AF87C6-F8D6-4462-9DF5-B9D301002B1C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_wincc:16:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4316924-9EF8-4835-A2E4-0C81F4DE473D\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions \u003c V8.2 Upd12), SIMATIC BATCH V9.0 (All versions \u003c V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions \u003c V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions \u003c V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions \u003c V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition.\\nSuccessful exploitation requires no system privileges and no user interaction.\"}, {\"lang\": \"es\", \"value\": \"Se ha identificado una vulnerabilidad en OpenPCS 7 V8.1 (Todas las versiones), OpenPCS 7 V8.2 (Todas las versiones), OpenPCS 7 V9.0 (Todas las versiones anteriores a V9.0 Upd3), SIMATIC BATCH V8.1 (Todas las versiones), SIMATIC BATCH V8.2 (Todas las versiones), SIMATIC BATCH V9.0 (Todas las versiones anteriores a V9. 0 SP1 Upd5), SIMATIC NET PC Software V14 (Todas las versiones anteriores a V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones), SIMATIC NET PC Software V16 (Todas las versiones anteriores a V16 Update 1), SIMATIC PCS 7 V8.1 (Todas las versiones), SIMATIC PCS 7 V8.2 (Todas las versiones), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a V9. 0 SP3), SIMATIC Route Control V8.1 (Todas las versiones), SIMATIC Route Control V8.2 (Todas las versiones), SIMATIC Route Control V9.0 (Todas las versiones anteriores a V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (Todas las versiones anteriores a V13 SP2), SIMATIC WinCC (TIA Portal) V14 (Todas las versiones anteriores a V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15. 1 (Todas las versiones anteriores a V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (Todas las versiones anteriores a V16 Update 1), SIMATIC WinCC V7.3 (Todas las versiones), SIMATIC WinCC V7.4 (Todas las versiones anteriores a V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (Todas las versiones anteriores a V7.5 SP1 Update 1). A trav\\u00e9s de mensajes especialmente dise\\u00f1ados, cuando la comunicaci\\u00f3n cifrada est\\u00e1 habilitada, un atacante con acceso a la red podr\\u00eda utilizar la vulnerabilidad para comprometer la disponibilidad del sistema causando una condici\\u00f3n de denegaci\\u00f3n de servicio. La explotaci\\u00f3n exitosa no requiere privilegios del sistema ni interacci\\u00f3n del usuario\"}]",
      "id": "CVE-2019-19282",
      "lastModified": "2024-11-21T04:34:29.480",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"productcert@siemens.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.1, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-03-10T20:15:18.960",
      "references": "[{\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf\", \"source\": \"productcert@siemens.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "productcert@siemens.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"productcert@siemens.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-131\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-19282\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2020-03-10T20:15:18.960\",\"lastModified\":\"2024-11-21T04:34:29.480\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions \u003c V8.2 Upd12), SIMATIC BATCH V9.0 (All versions \u003c V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions \u003c V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions \u003c V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions \u003c V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition.\\nSuccessful exploitation requires no system privileges and no user interaction.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en OpenPCS 7 V8.1 (Todas las versiones), OpenPCS 7 V8.2 (Todas las versiones), OpenPCS 7 V9.0 (Todas las versiones anteriores a V9.0 Upd3), SIMATIC BATCH V8.1 (Todas las versiones), SIMATIC BATCH V8.2 (Todas las versiones), SIMATIC BATCH V9.0 (Todas las versiones anteriores a V9. 0 SP1 Upd5), SIMATIC NET PC Software V14 (Todas las versiones anteriores a V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones), SIMATIC NET PC Software V16 (Todas las versiones anteriores a V16 Update 1), SIMATIC PCS 7 V8.1 (Todas las versiones), SIMATIC PCS 7 V8.2 (Todas las versiones), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a V9. 0 SP3), SIMATIC Route Control V8.1 (Todas las versiones), SIMATIC Route Control V8.2 (Todas las versiones), SIMATIC Route Control V9.0 (Todas las versiones anteriores a V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (Todas las versiones anteriores a V13 SP2), SIMATIC WinCC (TIA Portal) V14 (Todas las versiones anteriores a V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15. 1 (Todas las versiones anteriores a V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (Todas las versiones anteriores a V16 Update 1), SIMATIC WinCC V7.3 (Todas las versiones), SIMATIC WinCC V7.4 (Todas las versiones anteriores a V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (Todas las versiones anteriores a V7.5 SP1 Update 1). A trav\u00e9s de mensajes especialmente dise\u00f1ados, cuando la comunicaci\u00f3n cifrada est\u00e1 habilitada, un atacante con acceso a la red podr\u00eda utilizar la vulnerabilidad para comprometer la disponibilidad del sistema causando una condici\u00f3n de denegaci\u00f3n de servicio. La explotaci\u00f3n exitosa no requiere privilegios del sistema ni interacci\u00f3n del usuario\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:C\",\"baseScore\":7.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-131\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:openpcs_7:9.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CBF717A-B2D4-459C-894A-65622570645D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:openpcs_7:9.0_update_1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"957DDF70-1837-4E92-A707-944AD6ED4304\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_batch:9.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E54F6E83-C353-44FB-9F37-C03DA344A5DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_batch:9.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E19D98B-B40A-4589-8C26-7722C25EEC63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"85CDD274-B2B4-4DB0-9917-C16B5D900006\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B435D51-FFA2-4F19-9B51-404BB37D7F0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFBBC7D6-D1D4-452E-A744-B490CF002354\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"98BC62E3-4C0B-481A-9274-B9C785F8FDC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"16\",\"matchCriteriaId\":\"744B5953-511F-42CA-80A0-DBE36A6AA144\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"496E3C43-5DA8-4983-8AC6-0F32454E22F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_pcs_7:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"858628AC-EA69-4D72-AE23-77A4A8DE2547\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_pcs_7:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4A75F15-8F47-4348-A85C-D94BBA8F9992\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_pcs_7:9.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A42E3FB0-6C66-4702-BDC8-39EEA54B5C0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_pcs_7:9.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AA0E077-AB19-473B-9454-8FED7188A2C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_pcs_7:9.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"19EA3CAD-E7CB-412F-A2EA-86A81EC25425\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_route_control:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.0\",\"matchCriteriaId\":\"885BA05F-BD8F-4DE9-BDD3-6C2C76418B05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_route_control:9.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"57073CE8-174E-429D-A721-AB14C7D16D4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B0BD5DE-C6EF-4B89-831B-DA34DB0D68F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2637C346-8AAF-481F-AFB0-BAD4254D14F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9589FF11-4F9B-40F6-A6C6-55405B9EE351\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DB57B3A-C3B6-4E61-9DAE-B12CEA8CD093\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_11:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA6B2933-9C44-480C-96DC-6DF8C88950AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_12:*:*:*:*:*:*\",\"matchCriteriaId\":\"45097864-DD87-4587-997B-792F0175472B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_13:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FB24A30-0F93-430D-817E-05E4594C8823\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"25237B9A-2E51-4F17-BD75-04D245CCC51D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"90643D49-9EFC-4B9A-99C8-266135DF2E00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC4D7B24-91FF-4891-ABC3-683A6C72ADDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1DD77A4-1716-4793-AD73-79D04E3D2AEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E667123-6909-4DF2-8CEB-6E87E9FC48BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"04A5C76A-5D6D-47F8-BEF7-503F9A89AD18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_8:*:*:*:*:*:*\",\"matchCriteriaId\":\"E776629C-904C-49D6-BF3F-8520FA7D5DFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_9:*:*:*:*:*:*\",\"matchCriteriaId\":\"805DAA15-03A3-4F63-90F7-EA130E5136F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E79DA14E-419C-49BA-8E4F-2907E1D8937F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:-:*:*:*:*:*\",\"matchCriteriaId\":\"00A48A8E-C112-4778-8A7B-2386E88A0177\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:7.5.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3D10C7E-5FD5-4B37-884B-B450DE5F800B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:13:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D9FE447-2090-47D2-8667-5DC7605089BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:13:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB4FFADC-51F0-439F-9F80-D2B2614FFC39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:14.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE5A7162-F1B5-4E74-99D6-4108AC4C49FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:15.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"50B77C2A-4D66-4407-8CA4-99C43ED72DDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:15.1:update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9794ED7E-EB17-4C95-B900-840A48758F03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:15.1:update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"57E82CFE-4191-4055-A0BA-EAB7BE96D947\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:15.1:update_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4DBBDAA-BCAE-4B63-BDFC-3DD70DAD9B7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:15.1:update_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5AF87C6-F8D6-4462-9DF5-B9D301002B1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_wincc:16:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4316924-9EF8-4835-A2E4-0C81F4DE473D\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.