cvelistv5 - cve-2020-10055

CVE-2020-10055 (GCVE-0-2020-10055)

Vulnerability from cvelistv5 – Published: 2020-08-14 15:24 – Updated: 2024-08-04 10:50

Summary

Severity ?

No CVSS data available.

CWE

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Assigner

siemens

References

URL

Tags

	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_MISC
	https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06	x_refsource_MISC

Impacted products

Vendor

Product

Version

Siemens AG

Desigo CC

Affected: V4.x

Siemens AG	Desigo CC	Affected: V3.x
Siemens AG	Desigo CC Compact	Affected: V4.x
Siemens AG	Desigo CC Compact	Affected: V3.x

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T10:50:57.784Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Desigo CC",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "V4.x"
            }
          ]
        },
        {
          "product": "Desigo CC",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "V3.x"
            }
          ]
        },
        {
          "product": "Desigo CC Compact",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "V4.x"
            }
          ]
        },
        {
          "product": "Desigo CC Compact",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "V3.x"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-14T15:24:06",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2020-10055",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Desigo CC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V4.x"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo CC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V3.x"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo CC Compact",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V4.x"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Desigo CC Compact",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V3.x"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-10055",
    "datePublished": "2020-08-14T15:24:06",
    "dateReserved": "2020-03-04T00:00:00",
    "dateUpdated": "2024-08-04T10:50:57.784Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:desigo_consumption_control:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C88FF473-DAB6-47DA-B822-163B04DEC429\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:desigo_consumption_control:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA270B78-5280-49D9-BA1B-33F16572999E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:desigo_consumption_control_compact:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FAAFD1B6-7B6D-48D5-8850-D5850B2852AE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:desigo_consumption_control_compact:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A8FC535-4ACB-455C-8A74-98913B2C53D3\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad ha sido identificada en Desigo CC (versi\\u00f3n V4.x), Desigo CC (versi\\u00f3n V3.x), Desigo CC Compact (versi\\u00f3n V4.x), Desigo CC Compact (versi\\u00f3n V3.x). Unas aplicaciones afectadas son entregadas con un componente de terceros (BIRT) que contiene una vulnerabilidad de ejecuci\\u00f3n de c\\u00f3digo remota si el Advanced Reporting Engine est\\u00e1 habilitado. La vulnerabilidad podr\\u00eda permitir a un atacante remoto no autenticado ejecutar comandos arbitrarios en el servidor con privilegios SYSTEM.\"}]",
      "id": "CVE-2020-10055",
      "lastModified": "2024-11-21T04:54:42.960",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-08-14T16:15:16.790",
      "references": "[{\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf\", \"source\": \"productcert@siemens.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06\", \"source\": \"productcert@siemens.com\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"US Government Resource\"]}]",
      "sourceIdentifier": "productcert@siemens.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"productcert@siemens.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-10055\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2020-08-14T16:15:16.790\",\"lastModified\":\"2024-11-21T04:54:42.960\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad ha sido identificada en Desigo CC (versi\u00f3n V4.x), Desigo CC (versi\u00f3n V3.x), Desigo CC Compact (versi\u00f3n V4.x), Desigo CC Compact (versi\u00f3n V3.x). Unas aplicaciones afectadas son entregadas con un componente de terceros (BIRT) que contiene una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota si el Advanced Reporting Engine est\u00e1 habilitado. La vulnerabilidad podr\u00eda permitir a un atacante remoto no autenticado ejecutar comandos arbitrarios en el servidor con privilegios SYSTEM.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:desigo_consumption_control:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C88FF473-DAB6-47DA-B822-163B04DEC429\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:desigo_consumption_control:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA270B78-5280-49D9-BA1B-33F16572999E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:desigo_consumption_control_compact:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAAFD1B6-7B6D-48D5-8850-D5850B2852AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:desigo_consumption_control_compact:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A8FC535-4ACB-455C-8A74-98913B2C53D3\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"US Government Resource\"]}]}}"
  }
}

ICSA-20-224-06

Vulnerability from csaf_cisa - Published: 2020-08-11 00:00 - Updated: 2020-08-11 00:00

Summary

Siemens Desigo CC

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of this vulnerability could allow an attacker to gain remote code execution on the server with SYSTEM privileges.

Critical infrastructure sectors

Commercial Facilities, Government Facilities

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Exploitability

No known public exploits specifically target this vulnerability.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens ProductCERT",
        "summary": "reporting this vulnerability to CISA"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of this vulnerability could allow an attacker to gain remote code execution on the server with SYSTEM privileges.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Commercial Facilities, Government Facilities",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and  solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-20-224-06 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsa-20-224-06.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-20-224-06 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-20-224-06"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.us-cert.gov/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B"
      },
      {
        "category": "external",
        "summary": "SSA-496604: SSA-786743: Code Injection Vulnerability in Advanced Reporting for Desigo CC and Desigo CC Compact - TXT Version",
        "url": "https://cert-portal.siemens.com/productcert/txt/SSA-786743.txt"
      }
    ],
    "title": "Siemens Desigo CC",
    "tracking": {
      "current_release_date": "2020-08-11T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-20-224-06",
      "initial_release_date": "2020-08-11T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2020-08-11T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-20-224-06 Siemens Desigo CC"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "V4.x",
                "product": {
                  "name": "Desigo CC: V4.x",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Desigo CC"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "V3.x",
                "product": {
                  "name": "Desigo CC: V3.x",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "Desigo CC"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "V4.x",
                "product": {
                  "name": "Desigo CC Compact: V4.x",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "Desigo CC Compact"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "V3.x",
                "product": {
                  "name": "Desigo CC Compact: V3.x",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "Desigo CC Compact"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-10055",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled.",
          "title": "Summary"
        },
        {
          "category": "summary",
          "text": "The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "https://support.industry.siemens.com/cs/ww/en/view/109780956 (Login Required)",
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109780956"
        },
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10055"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "If the extension module Advanced Reporting is already installed, apply\nthe patch as documented above",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "In all other cases avoid the installation of the extension module from\nexisting deliveries of Desigo CC or Desigo CC Compact software, until\nyou receive an updated version of the software that includes the patch\nalready.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Apply the patch provided through Siemens online support: - Download: https://support.industry.siemens.com/cs/ww/en/view/109780860 (Login required) ",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109780860"
        },
        {
          "category": "vendor_fix",
          "details": "Apply the patch provided through Siemens online support: - Download: https://support.industry.siemens.com/cs/ww/en/view/109780956 (Login required) ",
          "product_ids": [
            "CSAFPID-0002"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109780956"
        },
        {
          "category": "vendor_fix",
          "details": "Apply the patch provided through Siemens online support: - Download: https://support.industry.siemens.com/cs/ww/en/view/109780860 (Login required) ",
          "product_ids": [
            "CSAFPID-0003"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109780860"
        },
        {
          "category": "vendor_fix",
          "details": "Apply the patch provided through Siemens online support: - Download: https://support.industry.siemens.com/cs/ww/en/view/109780956 (Login required) ",
          "product_ids": [
            "CSAFPID-0004"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109780956"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure Siemens strongly recommends to protect network access to affected products with appropriate mechanisms. It is advised to follow recommended security practices in order to run the devices in a protected IT environment.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ]
    }
  ]
}

CERTFR-2020-AVI-494

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	Desigo CC versions V3.x sans le dernier correctif de sécurité
Siemens	N/A	Automation License Manager versions antérieures à V6.0.8
Siemens	N/A	microgiciel SICAM WEB pour SICAM A8000 RTUs versions antérieures à V05.30
Siemens	N/A	Desigo CC Compact versions V3.x sans le dernier correctif de sécurité
Siemens	N/A	Desigo CC Compact versions V4.x sans le dernier correctif de sécurité
Siemens	N/A	RUGGEDCOM RM1224 versions antérieures à 6.3
Siemens	N/A	Desigo CC versions V4.x sans le dernier correctif de sécurité
Siemens	N/A	SIMATIC RF650M
Siemens	N/A	SIMOTICS CONNECT 400
Siemens	N/A	SIMATIC RF350M
Siemens	N/A	SCALANCE M-800 / S615 versions antérieures à 6.3

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-370042 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Siemens ssa-809841 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Siemens ssa-786743 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Siemens ssa-388646 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Siemens ssa-712518 du 11 août 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Desigo CC versions V3.x sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Automation License Manager versions ant\u00e9rieures \u00e0 V6.0.8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "microgiciel SICAM WEB pour SICAM A8000 RTUs versions ant\u00e9rieures \u00e0 V05.30",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo CC Compact versions V3.x sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo CC Compact versions V4.x sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 versions ant\u00e9rieures \u00e0 6.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo CC versions V4.x sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC RF650M",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMOTICS CONNECT 400",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC RF350M",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M-800 / S615 versions ant\u00e9rieures \u00e0 6.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-7583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7583"
    },
    {
      "name": "CVE-2019-15126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15126"
    },
    {
      "name": "CVE-2020-8597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8597"
    },
    {
      "name": "CVE-2020-15781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15781"
    },
    {
      "name": "CVE-2020-10055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10055"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-494",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-08-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-370042 du 11 ao\u00fbt 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-370042.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-809841 du 11 ao\u00fbt 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-809841.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-786743 du 11 ao\u00fbt 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-388646 du 11 ao\u00fbt 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-388646.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-712518 du 11 ao\u00fbt 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712518.pdf"
    }
  ]
}

CERTFR-2020-AVI-494

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	Desigo CC versions V3.x sans le dernier correctif de sécurité
Siemens	N/A	Automation License Manager versions antérieures à V6.0.8
Siemens	N/A	microgiciel SICAM WEB pour SICAM A8000 RTUs versions antérieures à V05.30
Siemens	N/A	Desigo CC Compact versions V3.x sans le dernier correctif de sécurité
Siemens	N/A	Desigo CC Compact versions V4.x sans le dernier correctif de sécurité
Siemens	N/A	RUGGEDCOM RM1224 versions antérieures à 6.3
Siemens	N/A	Desigo CC versions V4.x sans le dernier correctif de sécurité
Siemens	N/A	SIMATIC RF650M
Siemens	N/A	SIMOTICS CONNECT 400
Siemens	N/A	SIMATIC RF350M
Siemens	N/A	SCALANCE M-800 / S615 versions antérieures à 6.3

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-370042 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Siemens ssa-809841 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Siemens ssa-786743 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Siemens ssa-388646 du 11 août 2020	None	vendor-advisory
Bulletin de sécurité Siemens ssa-712518 du 11 août 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Desigo CC versions V3.x sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Automation License Manager versions ant\u00e9rieures \u00e0 V6.0.8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "microgiciel SICAM WEB pour SICAM A8000 RTUs versions ant\u00e9rieures \u00e0 V05.30",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo CC Compact versions V3.x sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo CC Compact versions V4.x sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RUGGEDCOM RM1224 versions ant\u00e9rieures \u00e0 6.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Desigo CC versions V4.x sans le dernier correctif de s\u00e9curit\u00e9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC RF650M",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMOTICS CONNECT 400",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC RF350M",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE M-800 / S615 versions ant\u00e9rieures \u00e0 6.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-7583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7583"
    },
    {
      "name": "CVE-2019-15126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15126"
    },
    {
      "name": "CVE-2020-8597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8597"
    },
    {
      "name": "CVE-2020-15781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15781"
    },
    {
      "name": "CVE-2020-10055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10055"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-494",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-08-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-370042 du 11 ao\u00fbt 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-370042.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-809841 du 11 ao\u00fbt 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-809841.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-786743 du 11 ao\u00fbt 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-388646 du 11 ao\u00fbt 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-388646.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-712518 du 11 ao\u00fbt 2020",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712518.pdf"
    }
  ]
}

FKIE_CVE-2020-10055

Vulnerability from fkie_nvd - Published: 2020-08-14 16:15 - Updated: 2024-11-21 04:54

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf	Patch, Vendor Advisory
productcert@siemens.com	https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06	Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06	Patch, Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
siemens	desigo_consumption_control	3.0
siemens	desigo_consumption_control	4.0
siemens	desigo_consumption_control_compact	3.0
siemens	desigo_consumption_control_compact	4.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:desigo_consumption_control:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C88FF473-DAB6-47DA-B822-163B04DEC429",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:desigo_consumption_control:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA270B78-5280-49D9-BA1B-33F16572999E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:desigo_consumption_control_compact:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAAFD1B6-7B6D-48D5-8850-D5850B2852AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:desigo_consumption_control_compact:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A8FC535-4ACB-455C-8A74-98913B2C53D3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad ha sido identificada en Desigo CC (versi\u00f3n V4.x), Desigo CC (versi\u00f3n V3.x), Desigo CC Compact (versi\u00f3n V4.x), Desigo CC Compact (versi\u00f3n V3.x). Unas aplicaciones afectadas son entregadas con un componente de terceros (BIRT) que contiene una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota si el Advanced Reporting Engine est\u00e1 habilitado. La vulnerabilidad podr\u00eda permitir a un atacante remoto no autenticado ejecutar comandos arbitrarios en el servidor con privilegios SYSTEM."
    }
  ],
  "id": "CVE-2020-10055",
  "lastModified": "2024-11-21T04:54:42.960",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-08-14T16:15:16.790",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-G358-8JHP-HPV2

Vulnerability from github – Published: 2022-05-24 17:25 – Updated: 2022-05-24 17:25

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-10055"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-08-14T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges.",
  "id": "GHSA-g358-8jhp-hpv2",
  "modified": "2022-05-24T17:25:43Z",
  "published": "2022-05-24T17:25:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10055"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf"
    },
    {
      "type": "WEB",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-202008-0009

Vulnerability from variot - Updated: 2023-12-18 10:45

A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges. Desigo CC and Desigo CC Compact Exists in a code injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Desigo CC is a comprehensive building management platform for managing high-performance buildings. Desigo CC Compact provides tailor-made solutions for small and medium-sized buildings

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202008-0009",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "desigo consumption control compact",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.0"
      },
      {
        "model": "desigo consumption control",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.0"
      },
      {
        "model": "desigo consumption control compact",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "desigo consumption control",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "desigo cc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "3.x"
      },
      {
        "model": "desigo cc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "4.x"
      },
      {
        "model": "desigo cc compact",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "3.x"
      },
      {
        "model": "desigo cc compact",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "4.x"
      },
      {
        "model": "desigo cc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "4.*"
      },
      {
        "model": "desigo cc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "3.*"
      },
      {
        "model": "desigo cc compact",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "4.*"
      },
      {
        "model": "desigo cc compact",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "5.*"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-45699"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009609"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10055"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:desigo_consumption_control:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:desigo_consumption_control:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:desigo_consumption_control_compact:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:desigo_consumption_control_compact:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-10055"
      }
    ]
  },
  "cve": "CVE-2020-10055",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.3,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-009609",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2020-45699",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-009609",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2020-10055",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "JVNDB-2020-009609",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2020-45699",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202008-587",
            "trust": 0.6,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-45699"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009609"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10055"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-587"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges. Desigo CC and Desigo CC Compact Exists in a code injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Desigo CC is a comprehensive building management platform for managing high-performance buildings. Desigo CC Compact provides tailor-made solutions for small and medium-sized buildings",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-10055"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009609"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-45699"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-10055",
        "trust": 3.0
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-224-06",
        "trust": 2.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-786743",
        "trust": 2.2
      },
      {
        "db": "JVN",
        "id": "JVNVU96514651",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009609",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-45699",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.2774",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-587",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-45699"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009609"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10055"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-587"
      }
    ]
  },
  "id": "VAR-202008-0009",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-45699"
      }
    ],
    "trust": 1.2416666799999998
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-45699"
      }
    ]
  },
  "last_update_date": "2023-12-18T10:45:58.399000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-786743",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf"
      },
      {
        "title": "Patch for Siemens Desigo CC and Desigo CC Compact code injection vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/230230"
      },
      {
        "title": "Siemens Desigo CC  and Desigo CC Compact Fixes for code injection vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=126631"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-45699"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009609"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-587"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-94",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009609"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10055"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.0,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06"
      },
      {
        "trust": 2.2,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10055"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10055"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu96514651/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.2774/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-45699"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009609"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10055"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-587"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-45699"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-009609"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-10055"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-587"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-08-12T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-45699"
      },
      {
        "date": "2020-11-20T07:22:37",
        "db": "JVNDB",
        "id": "JVNDB-2020-009609"
      },
      {
        "date": "2020-08-14T16:15:16.790000",
        "db": "NVD",
        "id": "CVE-2020-10055"
      },
      {
        "date": "2020-08-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202008-587"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-08-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-45699"
      },
      {
        "date": "2020-11-20T07:22:37",
        "db": "JVNDB",
        "id": "JVNDB-2020-009609"
      },
      {
        "date": "2020-08-21T14:41:44.433000",
        "db": "NVD",
        "id": "CVE-2020-10055"
      },
      {
        "date": "2021-01-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202008-587"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-587"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens Desigo CC and Desigo CC Compact code injection vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-45699"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-587"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "code injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202008-587"
      }
    ],
    "trust": 0.6
  }
}

CNVD-2020-45699

Vulnerability from cnvd - Published: 2020-08-12

Title

Siemens Desigo CC和Desigo CC Compact代码注入漏洞

Description

Desigo CC是用于管理高性能建筑的综合建筑管理平台。Desigo CC Compact为中小型建筑提供量身定制的解决方案。 Siemens Desigo CC和Desigo CC Compact存在代码注入漏洞。允许未经身份验证的远程攻击者以系统权限在服务器上执行任意命令。

Severity

高

Patch Name

Siemens Desigo CC和Desigo CC Compact代码注入漏洞的补丁

Patch Description

Desigo CC是用于管理高性能建筑的综合建筑管理平台。Desigo CC Compact为中小型建筑提供量身定制的解决方案。 Siemens Desigo CC和Desigo CC Compact存在代码注入漏洞。允许未经身份验证的远程攻击者以系统权限在服务器上执行任意命令。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下供应商提供的安全公告获得补丁信息： https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf

Reference

https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf

Impacted products

Name
['Siemens Desigo CC 4.', 'Siemens Desigo CC 3.', 'Siemens Desigo CC Compact 4.', 'Siemens Desigo CC Compact 5.']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-10055"
    }
  },
  "description": "Desigo CC\u662f\u7528\u4e8e\u7ba1\u7406\u9ad8\u6027\u80fd\u5efa\u7b51\u7684\u7efc\u5408\u5efa\u7b51\u7ba1\u7406\u5e73\u53f0\u3002Desigo CC Compact\u4e3a\u4e2d\u5c0f\u578b\u5efa\u7b51\u63d0\u4f9b\u91cf\u8eab\u5b9a\u5236\u7684\u89e3\u51b3\u65b9\u6848\u3002\n\nSiemens Desigo CC\u548cDesigo CC Compact\u5b58\u5728\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e\u3002\u5141\u8bb8\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u4ee5\u7cfb\u7edf\u6743\u9650\u5728\u670d\u52a1\u5668\u4e0a\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-45699",
  "openTime": "2020-08-12",
  "patchDescription": "Desigo CC\u662f\u7528\u4e8e\u7ba1\u7406\u9ad8\u6027\u80fd\u5efa\u7b51\u7684\u7efc\u5408\u5efa\u7b51\u7ba1\u7406\u5e73\u53f0\u3002Desigo CC Compact\u4e3a\u4e2d\u5c0f\u578b\u5efa\u7b51\u63d0\u4f9b\u91cf\u8eab\u5b9a\u5236\u7684\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nSiemens Desigo CC\u548cDesigo CC Compact\u5b58\u5728\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e\u3002\u5141\u8bb8\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u4ee5\u7cfb\u7edf\u6743\u9650\u5728\u670d\u52a1\u5668\u4e0a\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Siemens Desigo CC\u548cDesigo CC Compact\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Siemens Desigo CC 4.*",
      "Siemens Desigo CC 3.*",
      "Siemens Desigo CC Compact 4.*",
      "Siemens Desigo CC Compact 5.*"
    ]
  },
  "referenceLink": "https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf",
  "serverity": "\u9ad8",
  "submitTime": "2020-08-12",
  "title": "Siemens Desigo CC\u548cDesigo CC Compact\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e"
}

GSD-2020-10055

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2020-10055

Aliases

CVE-2020-10055

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-10055",
    "description": "A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges.",
    "id": "GSD-2020-10055"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-10055"
      ],
      "details": "A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges.",
      "id": "GSD-2020-10055",
      "modified": "2023-12-13T01:22:04.530035Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "productcert@siemens.com",
        "ID": "CVE-2020-10055",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Desigo CC",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "V4.x"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Desigo CC",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "V3.x"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Desigo CC Compact",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "V4.x"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Desigo CC Compact",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "V3.x"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Siemens AG"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf",
            "refsource": "MISC",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf"
          },
          {
            "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06",
            "refsource": "MISC",
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:desigo_consumption_control:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:desigo_consumption_control:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:desigo_consumption_control_compact:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:desigo_consumption_control_compact:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2020-10055"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-94"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-786743.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-06"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2020-08-21T14:41Z",
      "publishedDate": "2020-08-14T16:15Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-10055 (GCVE-0-2020-10055)

Solution

Solution

Tags

Sightings

Nomenclature