cvelistv5 - cve-2020-28398

CVE-2020-28398 (GCVE-0-2020-28398)

Vulnerability from cvelistv5 – Published: 2024-12-10 13:53 – Updated: 2024-12-10 15:28

Summary

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The CLI feature in the web interface of affected devices is vulnerable to cross-site request forgery (CSRF). This could allow an attacker to read or modify the device configuration by tricking an authenticated legitimate user into accessing a malicious link.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

8.6 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-352 - Cross-Site Request Forgery (CSRF)

Assigner

siemens

References

URL

SSA-384652

Vulnerability from csaf_siemens - Published: 2024-12-10 00:00 - Updated: 2024-12-10 00:00

Summary

SSA-384652: Cross-Site Request Forgery (CSRF) Vulnerability in RUGGEDCOM ROX II

Notes

Summary

The CLI feature in the web interface of RUGGEDCOM ROX II devices is vulnerable to cross-site request forgery (CSRF), which could allow an attacker to perform administrative actions if an authenticated user is tricked into accessing a malicious link. Siemens has released new versions for the affected products and recommends to update to the latest versions.

General Recommendations

As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "The CLI feature in the web interface of RUGGEDCOM ROX II devices is vulnerable to cross-site request forgery (CSRF), which could allow an attacker to perform administrative actions if an authenticated user is tricked into accessing a malicious link.\n\nSiemens has released new versions for the affected products and recommends to update to the latest versions.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "productcert@siemens.com",
      "name": "Siemens ProductCERT",
      "namespace": "https://www.siemens.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-384652: Cross-Site Request Forgery (CSRF) Vulnerability in RUGGEDCOM ROX II - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-384652.html"
      },
      {
        "category": "self",
        "summary": "SSA-384652: Cross-Site Request Forgery (CSRF) Vulnerability in RUGGEDCOM ROX II - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-384652.json"
      }
    ],
    "title": "SSA-384652: Cross-Site Request Forgery (CSRF) Vulnerability in RUGGEDCOM ROX II",
    "tracking": {
      "current_release_date": "2024-12-10T00:00:00Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      },
      "id": "SSA-384652",
      "initial_release_date": "2024-12-10T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-12-10T00:00:00Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX MX5000",
                  "product_id": "1"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX MX5000"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX MX5000RE",
                  "product_id": "2"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX MX5000RE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX1400",
                  "product_id": "3"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX1400"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX1500",
                  "product_id": "4"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX1500"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX1501",
                  "product_id": "5"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX1501"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX1510",
                  "product_id": "6"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX1510"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX1511",
                  "product_id": "7"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX1511"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX1512",
                  "product_id": "8"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX1512"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX1524",
                  "product_id": "9"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX1524"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX1536",
                  "product_id": "10"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX1536"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX5000",
                  "product_id": "11"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX5000"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-28398",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CLI feature in the web interface of affected devices is vulnerable to \r\ncross-site request forgery (CSRF).\r\n\r\nThis could allow an attacker to read or modify the device configuration\r\nby tricking an authenticated legitimate user into accessing a malicious link.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5",
          "6",
          "7",
          "8",
          "9",
          "10",
          "11"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only access links from trusted sources while authenticated in web interface of the affected devices",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2.16.0 or later version",
          "product_ids": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109821187/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11"
          ]
        }
      ],
      "title": "CVE-2020-28398"
    }
  ]
}

ICSA-24-347-03

Vulnerability from csaf_cisa - Published: 2024-12-10 00:00 - Updated: 2025-05-06 06:00

Summary

Siemens RUGGEDCOM ROX II

Notes

Summary

General Recommendations

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Advisory Conversion Disclaimer

This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.

Critical infrastructure sectors

Critical Manufacturing

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

CISA recommends users take defensive measures to minimize the exploitation risk of these vulnerabilities.

Recommended Practices

Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.

Recommended Practices

Locate control system networks and remote devices behind firewalls and isolate them from business networks.

Recommended Practices

When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Recommended Practices

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens",
        "summary": "reporting this vulnerability to CISA."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "The CLI feature in the web interface of RUGGEDCOM ROX II devices is vulnerable to cross-site request forgery (CSRF), which could allow an attacker to perform administrative actions if an authenticated user is tricked into accessing a malicious link.\n\nSiemens has released new versions for the affected products and recommends to update to the latest versions.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "other",
        "text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
        "title": "Advisory Conversion Disclaimer"
      },
      {
        "category": "other",
        "text": "Critical Manufacturing",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the exploitation risk of these vulnerabilities.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-384652: Cross-Site Request Forgery (CSRF) Vulnerability in RUGGEDCOM ROX II - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-384652.json"
      },
      {
        "category": "self",
        "summary": "SSA-384652: Cross-Site Request Forgery (CSRF) Vulnerability in RUGGEDCOM ROX II - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-384652.html"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-24-347-03 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-347-03.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-24-347-03 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-347-03"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "Siemens RUGGEDCOM ROX II\u00a0",
    "tracking": {
      "current_release_date": "2025-05-06T06:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-24-347-03",
      "initial_release_date": "2024-12-10T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2024-12-10T00:00:00.000000Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2025-05-06T06:00:00.000000Z",
          "legacy_version": "Revision",
          "number": "2",
          "summary": "Revision - Fixing typos"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX MX5000",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX MX5000"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX MX5000RE",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX MX5000RE"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX1400",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX1400"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX1500",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX1500"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX1501",
                  "product_id": "CSAFPID-0005"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX1501"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX1510",
                  "product_id": "CSAFPID-0006"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX1510"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX1511",
                  "product_id": "CSAFPID-0007"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX1511"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX1512",
                  "product_id": "CSAFPID-0008"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX1512"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX1524",
                  "product_id": "CSAFPID-0009"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX1524"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX1536",
                  "product_id": "CSAFPID-0010"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX1536"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV2.16.0",
                "product": {
                  "name": "RUGGEDCOM ROX RX5000",
                  "product_id": "CSAFPID-0011"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM ROX RX5000"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-28398",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The CLI feature in the web interface of affected devices is vulnerable to \r\ncross-site request forgery (CSRF).\r\n\r\nThis could allow an attacker to read or modify the device configuration\r\nby tricking an authenticated legitimate user into accessing a malicious link.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-0010",
          "CSAFPID-0011"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Only access links from trusted sources while authenticated in web interface of the affected devices",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2.16.0 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109821187/"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-0010",
            "CSAFPID-0011"
          ]
        }
      ],
      "title": "CVE-2020-28398"
    }
  ]
}

FKIE_CVE-2020-28398

Vulnerability from fkie_nvd - Published: 2024-12-10 14:15 - Updated: 2024-12-10 14:15

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	productcert@siemens.com	https://cert-portal.siemens.com/productcert/html/ssa-384652.html

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions \u003c V2.16.0), RUGGEDCOM ROX MX5000RE (All versions \u003c V2.16.0), RUGGEDCOM ROX RX1400 (All versions \u003c V2.16.0), RUGGEDCOM ROX RX1500 (All versions \u003c V2.16.0), RUGGEDCOM ROX RX1501 (All versions \u003c V2.16.0), RUGGEDCOM ROX RX1510 (All versions \u003c V2.16.0), RUGGEDCOM ROX RX1511 (All versions \u003c V2.16.0), RUGGEDCOM ROX RX1512 (All versions \u003c V2.16.0), RUGGEDCOM ROX RX1524 (All versions \u003c V2.16.0), RUGGEDCOM ROX RX1536 (All versions \u003c V2.16.0), RUGGEDCOM ROX RX5000 (All versions \u003c V2.16.0). The CLI feature in the web interface of affected devices is vulnerable to \r\ncross-site request forgery (CSRF).\r\n\r\nThis could allow an attacker to read or modify the device configuration\r\nby tricking an authenticated legitimate user into accessing a malicious link."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en RUGGEDCOM ROX MX5000 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX MX5000RE (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX1400 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX1500 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX1501 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX1510 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX1511 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX1512 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX1524 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX1536 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX1536 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX1540 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX1550 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX1560 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX1570 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX1580 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX1600 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX1610 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX1620 (Todas las versiones \u0026lt; V2.16.0), RUGGEDCOM ROX RX16 V2.16.0), RUGGEDCOM ROX RX5000 (todas las versiones anteriores a V2.16.0). La funci\u00f3n CLI en la interfaz web de los dispositivos afectados es vulnerable a cross-site request forgery (CSRF). Esto podr\u00eda permitir que un atacante lea o modifique la configuraci\u00f3n del dispositivo enga\u00f1ando a un usuario leg\u00edtimo autenticado para que acceda a un enlace malicioso."
    }
  ],
  "id": "CVE-2020-28398",
  "lastModified": "2024-12-10T14:15:18.320",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "ACTIVE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "productcert@siemens.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-12-10T14:15:18.320",
  "references": [
    {
      "source": "productcert@siemens.com",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-384652.html"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    }
  ]
}

CNVD-2024-47914

Vulnerability from cnvd - Published: 2024-12-12

Title

Siemens RUGGEDCOM ROX II跨站请求伪造漏洞

Description

RUGGEDCOM ROX II是基于ROX的VPN端点和防火墙设备用于连接在恶劣环境中运行的设备，如电力变电站和交通控制柜。 Siemens RUGGEDCOM ROX II存在跨站请求伪造漏洞，攻击者可利用该漏洞通过欺骗经过身份验证的合法用户访问恶意链接来读取或修改设备配置。

Severity

高

Patch Name

Siemens RUGGEDCOM ROX II跨站请求伪造漏洞的补丁

Patch Description

RUGGEDCOM ROX II是基于ROX的VPN端点和防火墙设备用于连接在恶劣环境中运行的设备，如电力变电站和交通控制柜。 Siemens RUGGEDCOM ROX II存在跨站请求伪造漏洞，攻击者可利用该漏洞通过欺骗经过身份验证的合法用户访问恶意链接来读取或修改设备配置。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下供应商提供的安全公告获得补丁信息： https://cert-portal.siemens.com/productcert/html/ssa-384652.html

Reference

https://cert-portal.siemens.com/productcert/html/ssa-384652.html

Impacted products

Name
['Siemens RUGGEDCOM ROX MX5000 < V2.16.0', 'Siemens RUGGEDCOM ROX MX5000RE < V2.16.0', 'Siemens RUGGEDCOM ROX RX1400 < V2.16.0', 'Siemens RUGGEDCOM ROX RX1500 < V2.16.0', 'Siemens RUGGEDCOM ROX RX1501 < V2.16.0', 'Siemens RUGGEDCOM ROX RX1510 < V2.16.0', 'Siemens RUGGEDCOM ROX RX1511 < V2.16.0', 'Siemens RUGGEDCOM ROX RX1512 < V2.16.0', 'Siemens RUGGEDCOM ROX RX1524 < V2.16.0', 'Siemens RUGGEDCOM ROX RX1536 < V2.16.0', 'Siemens RUGGEDCOM ROX RX5000 < V2.16.0']

Name

['Siemens RUGGEDCOM ROX MX5000 < V2.16.0', 'Siemens RUGGEDCOM ROX MX5000RE < V2.16.0', 'Siemens RUGGEDCOM ROX RX1400 < V2.16.0', 'Siemens RUGGEDCOM ROX RX1500 < V2.16.0', 'Siemens RUGGEDCOM ROX RX1501 < V2.16.0', 'Siemens RUGGEDCOM ROX RX1510 < V2.16.0', 'Siemens RUGGEDCOM ROX RX1511 < V2.16.0', 'Siemens RUGGEDCOM ROX RX1512 < V2.16.0', 'Siemens RUGGEDCOM ROX RX1524 < V2.16.0', 'Siemens RUGGEDCOM ROX RX1536 < V2.16.0', 'Siemens RUGGEDCOM ROX RX5000 < V2.16.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-28398"
    }
  },
  "description": "RUGGEDCOM ROX II\u662f\u57fa\u4e8eROX\u7684VPN\u7aef\u70b9\u548c\u9632\u706b\u5899\u8bbe\u5907\u7528\u4e8e\u8fde\u63a5\u5728\u6076\u52a3\u73af\u5883\u4e2d\u8fd0\u884c\u7684\u8bbe\u5907\uff0c\u5982\u7535\u529b\u53d8\u7535\u7ad9\u548c\u4ea4\u901a\u63a7\u5236\u67dc\u3002\n\nSiemens RUGGEDCOM ROX II\u5b58\u5728\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u6b3a\u9a97\u7ecf\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684\u5408\u6cd5\u7528\u6237\u8bbf\u95ee\u6076\u610f\u94fe\u63a5\u6765\u8bfb\u53d6\u6216\u4fee\u6539\u8bbe\u5907\u914d\u7f6e\u3002",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://cert-portal.siemens.com/productcert/html/ssa-384652.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-47914",
  "openTime": "2024-12-12",
  "patchDescription": "RUGGEDCOM ROX II\u662f\u57fa\u4e8eROX\u7684VPN\u7aef\u70b9\u548c\u9632\u706b\u5899\u8bbe\u5907\u7528\u4e8e\u8fde\u63a5\u5728\u6076\u52a3\u73af\u5883\u4e2d\u8fd0\u884c\u7684\u8bbe\u5907\uff0c\u5982\u7535\u529b\u53d8\u7535\u7ad9\u548c\u4ea4\u901a\u63a7\u5236\u67dc\u3002\r\n\r\nSiemens RUGGEDCOM ROX II\u5b58\u5728\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u6b3a\u9a97\u7ecf\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684\u5408\u6cd5\u7528\u6237\u8bbf\u95ee\u6076\u610f\u94fe\u63a5\u6765\u8bfb\u53d6\u6216\u4fee\u6539\u8bbe\u5907\u914d\u7f6e\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Siemens RUGGEDCOM ROX II\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Siemens RUGGEDCOM ROX MX5000 \u003c V2.16.0",
      "Siemens RUGGEDCOM ROX MX5000RE \u003c V2.16.0",
      "Siemens RUGGEDCOM ROX RX1400 \u003c V2.16.0",
      "Siemens RUGGEDCOM ROX RX1500 \u003c V2.16.0",
      "Siemens RUGGEDCOM ROX RX1501 \u003c V2.16.0",
      "Siemens RUGGEDCOM ROX RX1510 \u003c V2.16.0",
      "Siemens RUGGEDCOM ROX RX1511 \u003c V2.16.0",
      "Siemens RUGGEDCOM ROX RX1512 \u003c V2.16.0",
      "Siemens RUGGEDCOM ROX RX1524 \u003c V2.16.0",
      "Siemens RUGGEDCOM ROX RX1536 \u003c V2.16.0",
      "Siemens RUGGEDCOM ROX RX5000 \u003c V2.16.0"
    ]
  },
  "referenceLink": "https://cert-portal.siemens.com/productcert/html/ssa-384652.html",
  "serverity": "\u9ad8",
  "submitTime": "2024-12-11",
  "title": "Siemens RUGGEDCOM ROX II\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e"
}

GHSA-9982-RC28-7H2W

Vulnerability from github – Published: 2024-12-10 15:32 – Updated: 2024-12-10 15:32

Details

This could allow an attacker to read or modify the device configuration by tricking an authenticated legitimate user into accessing a malicious link.

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.6 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-28398"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-352"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-10T14:15:18Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions \u003c V2.16.0), RUGGEDCOM ROX MX5000RE (All versions \u003c V2.16.0), RUGGEDCOM ROX RX1400 (All versions \u003c V2.16.0), RUGGEDCOM ROX RX1500 (All versions \u003c V2.16.0), RUGGEDCOM ROX RX1501 (All versions \u003c V2.16.0), RUGGEDCOM ROX RX1510 (All versions \u003c V2.16.0), RUGGEDCOM ROX RX1511 (All versions \u003c V2.16.0), RUGGEDCOM ROX RX1512 (All versions \u003c V2.16.0), RUGGEDCOM ROX RX1524 (All versions \u003c V2.16.0), RUGGEDCOM ROX RX1536 (All versions \u003c V2.16.0), RUGGEDCOM ROX RX5000 (All versions \u003c V2.16.0). The CLI feature in the web interface of affected devices is vulnerable to \ncross-site request forgery (CSRF).\n\nThis could allow an attacker to read or modify the device configuration\nby tricking an authenticated legitimate user into accessing a malicious link.",
  "id": "GHSA-9982-rc28-7h2w",
  "modified": "2024-12-10T15:32:31Z",
  "published": "2024-12-10T15:32:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28398"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-384652.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

NCSC-2024-0473

Vulnerability from csaf_ncscnl - Published: 2024-12-10 19:34 - Updated: 2024-12-10 19:34

Summary

Kwetsbaarheden verholpen in Siemens producten

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Siemens heeft kwetsbaarheden verholpen in diverse producten als COMOS, RUGGEDCOM, SENTRON, SICAM, SIMATIC en TeamCenter.

Interpretaties

De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: - Denial-of-Service (DoS) - Cross-Site-Scripting (XSS) - Manipulatie van gegevens - Omzeilen van een beveiligingsmaatregel - Omzeilen van authenticatie - (Remote) code execution (Administrator/Root rechten) - (Remote) code execution (Gebruikersrechten) - Toegang tot systeemgegevens - Verhoogde gebruikersrechten De kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.

Oplossingen

Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico's zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-191

Integer Underflow (Wrap or Wraparound)

CWE-522

Insufficiently Protected Credentials

CWE-125

Out-of-bounds Read

CWE-352

Cross-Site Request Forgery (CSRF)

CWE-502

Deserialization of Untrusted Data

CWE-611

Improper Restriction of XML External Entity Reference

CWE-122

Heap-based Buffer Overflow

CWE-121

Stack-based Buffer Overflow

CWE-20

Improper Input Validation

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Siemens heeft kwetsbaarheden verholpen in diverse producten als COMOS, RUGGEDCOM, SENTRON, SICAM, SIMATIC en TeamCenter.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden stellen een kwaadwillende mogelijk in staat aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Cross-Site-Scripting (XSS)\n- Manipulatie van gegevens\n- Omzeilen van een beveiligingsmaatregel\n- Omzeilen van authenticatie\n- (Remote) code execution (Administrator/Root rechten)\n- (Remote) code execution (Gebruikersrechten)\n- Toegang tot systeemgegevens\n- Verhoogde gebruikersrechten\n\nDe kwaadwillende heeft hiervoor toegang nodig tot de productieomgeving. Het is goed gebruik een dergelijke omgeving niet publiek toegankelijk te hebben.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Siemens heeft beveiligingsupdates uitgebracht om de kwetsbaarheden te verhelpen. Voor de kwetsbaarheden waar nog geen updates voor zijn, heeft Siemens mitigerende maatregelen gepubliceerd om de risico\u0027s zoveel als mogelijk te beperken. Zie de bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Integer Underflow (Wrap or Wraparound)",
        "title": "CWE-191"
      },
      {
        "category": "general",
        "text": "Insufficiently Protected Credentials",
        "title": "CWE-522"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Cross-Site Request Forgery (CSRF)",
        "title": "CWE-352"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Improper Restriction of XML External Entity Reference",
        "title": "CWE-611"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-128393.pdf"
      },
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-384652.pdf"
      },
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-392859.pdf"
      },
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-620799.pdf"
      },
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-645131.pdf"
      },
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-701627.pdf"
      },
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-730188.pdf"
      },
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-800126.pdf"
      },
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-881356.pdf"
      },
      {
        "category": "external",
        "summary": "Reference - ncscclear",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-979056.pdf"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Siemens producten",
    "tracking": {
      "current_release_date": "2024-12-10T19:34:53.515240Z",
      "id": "NCSC-2024-0473",
      "initial_release_date": "2024-12-10T19:34:53.515240Z",
      "revision_history": [
        {
          "date": "2024-12-10T19:34:53.515240Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "comos",
            "product": {
              "name": "comos",
              "product_id": "CSAFPID-396548",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:comos:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "comos_v10.3",
            "product": {
              "name": "comos_v10.3",
              "product_id": "CSAFPID-1702511",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:comos_v10.3:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "comos_v10.4.0",
            "product": {
              "name": "comos_v10.4.0",
              "product_id": "CSAFPID-1741068",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:comos_v10.4.0:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "comos_v10.4.1",
            "product": {
              "name": "comos_v10.4.1",
              "product_id": "CSAFPID-1741069",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:comos_v10.4.1:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "comos_v10.4.2",
            "product": {
              "name": "comos_v10.4.2",
              "product_id": "CSAFPID-1741070",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:comos_v10.4.2:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "comos_v10.4.3",
            "product": {
              "name": "comos_v10.4.3",
              "product_id": "CSAFPID-1741071",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:comos_v10.4.3:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "comos_v10.4.4.1",
            "product": {
              "name": "comos_v10.4.4.1",
              "product_id": "CSAFPID-1741073",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:comos_v10.4.4.1:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "comos_v10.4.4",
            "product": {
              "name": "comos_v10.4.4",
              "product_id": "CSAFPID-1741072",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:comos_v10.4.4:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1478257",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741127",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741137",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.10:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741138",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.11:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741139",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.12:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741140",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.13:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741141",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.14:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741142",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.15:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741143",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.16:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741144",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.17:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741145",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.18:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741146",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.19:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741128",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741147",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.20:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741148",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.21:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741149",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.22:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741150",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.23:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741151",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.24:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741152",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.25:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741153",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.26:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741154",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.27:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741155",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.28:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741156",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.29:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741129",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741130",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741131",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741132",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741133",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741134",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741135",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "cpci85_central_processing_communication",
            "product": {
              "name": "cpci85_central_processing_communication",
              "product_id": "CSAFPID-1741136",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:cpci85_central_processing_communication:05.9:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_mx5000",
            "product": {
              "name": "ruggedcom_rox_mx5000",
              "product_id": "CSAFPID-1613204",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_mx5000:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_mx5000",
            "product": {
              "name": "ruggedcom_rox_mx5000",
              "product_id": "CSAFPID-1741083",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_mx5000:2.15.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_mx5000re",
            "product": {
              "name": "ruggedcom_rox_mx5000re",
              "product_id": "CSAFPID-1613205",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_mx5000re:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_mx5000re",
            "product": {
              "name": "ruggedcom_rox_mx5000re",
              "product_id": "CSAFPID-1741084",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_mx5000re:2.15.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1400",
            "product": {
              "name": "ruggedcom_rox_rx1400",
              "product_id": "CSAFPID-1613206",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx1400:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1400",
            "product": {
              "name": "ruggedcom_rox_rx1400",
              "product_id": "CSAFPID-1741085",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx1400:2.15.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1500",
            "product": {
              "name": "ruggedcom_rox_rx1500",
              "product_id": "CSAFPID-1613207",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx1500:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1500",
            "product": {
              "name": "ruggedcom_rox_rx1500",
              "product_id": "CSAFPID-1741086",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx1500:2.15.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1501",
            "product": {
              "name": "ruggedcom_rox_rx1501",
              "product_id": "CSAFPID-1613208",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx1501:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1501",
            "product": {
              "name": "ruggedcom_rox_rx1501",
              "product_id": "CSAFPID-1741087",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx1501:2.15.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1510",
            "product": {
              "name": "ruggedcom_rox_rx1510",
              "product_id": "CSAFPID-1613209",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx1510:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1510",
            "product": {
              "name": "ruggedcom_rox_rx1510",
              "product_id": "CSAFPID-1741088",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx1510:2.15.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1511",
            "product": {
              "name": "ruggedcom_rox_rx1511",
              "product_id": "CSAFPID-1613210",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx1511:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1511",
            "product": {
              "name": "ruggedcom_rox_rx1511",
              "product_id": "CSAFPID-1741089",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx1511:2.15.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1512",
            "product": {
              "name": "ruggedcom_rox_rx1512",
              "product_id": "CSAFPID-1613211",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx1512:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1512",
            "product": {
              "name": "ruggedcom_rox_rx1512",
              "product_id": "CSAFPID-1741090",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx1512:2.15.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1524",
            "product": {
              "name": "ruggedcom_rox_rx1524",
              "product_id": "CSAFPID-1613212",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx1524:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1524",
            "product": {
              "name": "ruggedcom_rox_rx1524",
              "product_id": "CSAFPID-1741091",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx1524:2.15.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1536",
            "product": {
              "name": "ruggedcom_rox_rx1536",
              "product_id": "CSAFPID-1613213",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx1536:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1536",
            "product": {
              "name": "ruggedcom_rox_rx1536",
              "product_id": "CSAFPID-1741092",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx1536:2.15.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx5000",
            "product": {
              "name": "ruggedcom_rox_rx5000",
              "product_id": "CSAFPID-1613214",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx5000:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx5000",
            "product": {
              "name": "ruggedcom_rox_rx5000",
              "product_id": "CSAFPID-1741093",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:ruggedcom_rox_rx5000:2.15.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sentron_powercenter_1000__7kn1110-0mc00_",
            "product": {
              "name": "sentron_powercenter_1000__7kn1110-0mc00_",
              "product_id": "CSAFPID-1666785",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:sentron_powercenter_1000__7kn1110-0mc00_:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sentron_powercenter_1100__7kn1111-0mc00_",
            "product": {
              "name": "sentron_powercenter_1100__7kn1111-0mc00_",
              "product_id": "CSAFPID-1741465",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:sentron_powercenter_1100__7kn1111-0mc00_:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_s7-plcsim",
            "product": {
              "name": "simatic_s7-plcsim",
              "product_id": "CSAFPID-588822",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_s7-plcsim:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_s7-plcsim_v16",
            "product": {
              "name": "simatic_s7-plcsim_v16",
              "product_id": "CSAFPID-1712825",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_s7-plcsim_v16:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_s7-plcsim_v17",
            "product": {
              "name": "simatic_s7-plcsim_v17",
              "product_id": "CSAFPID-1712826",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_s7-plcsim_v17:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_s7-plcsim_v18",
            "product": {
              "name": "simatic_s7-plcsim_v18",
              "product_id": "CSAFPID-1741189",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_s7-plcsim_v18:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_step_7",
            "product": {
              "name": "simatic_step_7",
              "product_id": "CSAFPID-99097",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_step_7_safety",
            "product": {
              "name": "simatic_step_7_safety",
              "product_id": "CSAFPID-1713198",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_step_7_safety:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_step_7_safety_v16",
            "product": {
              "name": "simatic_step_7_safety_v16",
              "product_id": "CSAFPID-1703190",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_step_7_safety_v16:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_step_7_safety_v17",
            "product": {
              "name": "simatic_step_7_safety_v17",
              "product_id": "CSAFPID-1703191",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_step_7_safety_v17:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_step_7_safety_v18",
            "product": {
              "name": "simatic_step_7_safety_v18",
              "product_id": "CSAFPID-1500667",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_step_7_safety_v18:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_step_7_safety_v19",
            "product": {
              "name": "simatic_step_7_safety_v19",
              "product_id": "CSAFPID-1741175",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_step_7_safety_v19:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_step_7_v16",
            "product": {
              "name": "simatic_step_7_v16",
              "product_id": "CSAFPID-1703187",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_step_7_v16:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_step_7_v17",
            "product": {
              "name": "simatic_step_7_v17",
              "product_id": "CSAFPID-1703188",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_step_7_v17:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_step_7_v18",
            "product": {
              "name": "simatic_step_7_v18",
              "product_id": "CSAFPID-1703189",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_step_7_v18:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_step_7_v19",
            "product": {
              "name": "simatic_step_7_v19",
              "product_id": "CSAFPID-1741176",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_step_7_v19:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_wincc",
            "product": {
              "name": "simatic_wincc",
              "product_id": "CSAFPID-75563",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_wincc_unified",
            "product": {
              "name": "simatic_wincc_unified",
              "product_id": "CSAFPID-1713199",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_wincc_unified:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_wincc_unified_pc_runtime_v18",
            "product": {
              "name": "simatic_wincc_unified_pc_runtime_v18",
              "product_id": "CSAFPID-1637854",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime_v18:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_wincc_unified_pc_runtime_v19",
            "product": {
              "name": "simatic_wincc_unified_pc_runtime_v19",
              "product_id": "CSAFPID-1741190",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_wincc_unified_pc_runtime_v19:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_wincc_unified_v16",
            "product": {
              "name": "simatic_wincc_unified_v16",
              "product_id": "CSAFPID-1703192",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_wincc_unified_v16:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_wincc_unified_v17",
            "product": {
              "name": "simatic_wincc_unified_v17",
              "product_id": "CSAFPID-1703193",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_wincc_unified_v17:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_wincc_unified_v18",
            "product": {
              "name": "simatic_wincc_unified_v18",
              "product_id": "CSAFPID-1703194",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_wincc_unified_v18:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_wincc_unified_v19",
            "product": {
              "name": "simatic_wincc_unified_v19",
              "product_id": "CSAFPID-1741177",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_wincc_unified_v19:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_wincc_v16",
            "product": {
              "name": "simatic_wincc_v16",
              "product_id": "CSAFPID-1702687",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_wincc_v16:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_wincc_v17",
            "product": {
              "name": "simatic_wincc_v17",
              "product_id": "CSAFPID-1702688",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_wincc_v17:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_wincc_v18",
            "product": {
              "name": "simatic_wincc_v18",
              "product_id": "CSAFPID-1703195",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_wincc_v18:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simatic_wincc_v19",
            "product": {
              "name": "simatic_wincc_v19",
              "product_id": "CSAFPID-1741178",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simatic_wincc_v19:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simcenter_femap_v2306",
            "product": {
              "name": "simcenter_femap_v2306",
              "product_id": "CSAFPID-1703072",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simcenter_femap_v2306:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simcenter_femap_v2401",
            "product": {
              "name": "simcenter_femap_v2401",
              "product_id": "CSAFPID-1741172",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simcenter_femap_v2401:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simcenter_femap_v2406",
            "product": {
              "name": "simcenter_femap_v2406",
              "product_id": "CSAFPID-1741173",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simcenter_femap_v2406:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simcenter_nastran",
            "product": {
              "name": "simcenter_nastran",
              "product_id": "CSAFPID-1741174",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simcenter_nastran:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simcenter_nastran",
            "product": {
              "name": "simcenter_nastran",
              "product_id": "CSAFPID-1676184",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simcenter_nastran:2306.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simcenter_nastran",
            "product": {
              "name": "simcenter_nastran",
              "product_id": "CSAFPID-1676183",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simcenter_nastran:2312.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simcenter_nastran",
            "product": {
              "name": "simcenter_nastran",
              "product_id": "CSAFPID-1676182",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simcenter_nastran:2406.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simcenter_nastran",
            "product": {
              "name": "simcenter_nastran",
              "product_id": "CSAFPID-1741231",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simcenter_nastran:2406.5000:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simcenter_nastran_2306",
            "product": {
              "name": "simcenter_nastran_2306",
              "product_id": "CSAFPID-1504458",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simcenter_nastran_2306:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simcenter_nastran_2306",
            "product": {
              "name": "simcenter_nastran_2306",
              "product_id": "CSAFPID-1478981",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simcenter_nastran_2306:0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simcenter_nastran_2312",
            "product": {
              "name": "simcenter_nastran_2312",
              "product_id": "CSAFPID-1504457",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simcenter_nastran_2312:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simcenter_nastran_2312",
            "product": {
              "name": "simcenter_nastran_2312",
              "product_id": "CSAFPID-1478982",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simcenter_nastran_2312:0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simcenter_nastran_2406",
            "product": {
              "name": "simcenter_nastran_2406",
              "product_id": "CSAFPID-1504459",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simcenter_nastran_2406:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simcenter_nastran_2406",
            "product": {
              "name": "simcenter_nastran_2406",
              "product_id": "CSAFPID-1478983",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simcenter_nastran_2406:0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simocode_es",
            "product": {
              "name": "simocode_es",
              "product_id": "CSAFPID-1713200",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simocode_es:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simocode_es_v16",
            "product": {
              "name": "simocode_es_v16",
              "product_id": "CSAFPID-1702694",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simocode_es_v16:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simocode_es_v17",
            "product": {
              "name": "simocode_es_v17",
              "product_id": "CSAFPID-1703196",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simocode_es_v17:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simocode_es_v18",
            "product": {
              "name": "simocode_es_v18",
              "product_id": "CSAFPID-1703197",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simocode_es_v18:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simocode_es_v19",
            "product": {
              "name": "simocode_es_v19",
              "product_id": "CSAFPID-1741179",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simocode_es_v19:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simotion_scout_tia",
            "product": {
              "name": "simotion_scout_tia",
              "product_id": "CSAFPID-1713201",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simotion_scout_tia:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simotion_scout_tia_v5.4_sp1",
            "product": {
              "name": "simotion_scout_tia_v5.4_sp1",
              "product_id": "CSAFPID-1703198",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simotion_scout_tia_v5.4_sp1:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simotion_scout_tia_v5.4_sp3",
            "product": {
              "name": "simotion_scout_tia_v5.4_sp3",
              "product_id": "CSAFPID-1703199",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simotion_scout_tia_v5.4_sp3:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simotion_scout_tia_v5.5_sp1",
            "product": {
              "name": "simotion_scout_tia_v5.5_sp1",
              "product_id": "CSAFPID-1703200",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simotion_scout_tia_v5.5_sp1:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "simotion_scout_tia_v5.6_sp1",
            "product": {
              "name": "simotion_scout_tia_v5.6_sp1",
              "product_id": "CSAFPID-1741180",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:simotion_scout_tia_v5.6_sp1:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sinamics_startdrive",
            "product": {
              "name": "sinamics_startdrive",
              "product_id": "CSAFPID-1625341",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:sinamics_startdrive:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sinamics_startdrive_v16",
            "product": {
              "name": "sinamics_startdrive_v16",
              "product_id": "CSAFPID-1703201",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:sinamics_startdrive_v16:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sinamics_startdrive_v17",
            "product": {
              "name": "sinamics_startdrive_v17",
              "product_id": "CSAFPID-1703202",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:sinamics_startdrive_v17:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sinamics_startdrive_v18",
            "product": {
              "name": "sinamics_startdrive_v18",
              "product_id": "CSAFPID-1703203",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:sinamics_startdrive_v18:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sinamics_startdrive_v19",
            "product": {
              "name": "sinamics_startdrive_v19",
              "product_id": "CSAFPID-1741181",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:sinamics_startdrive_v19:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sirius_safety_es",
            "product": {
              "name": "sirius_safety_es",
              "product_id": "CSAFPID-1713202",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:sirius_safety_es:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sirius_safety_es_v17__tia_portal_",
            "product": {
              "name": "sirius_safety_es_v17__tia_portal_",
              "product_id": "CSAFPID-1741182",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:sirius_safety_es_v17__tia_portal_:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sirius_safety_es_v18__tia_portal_",
            "product": {
              "name": "sirius_safety_es_v18__tia_portal_",
              "product_id": "CSAFPID-1741183",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:sirius_safety_es_v18__tia_portal_:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sirius_safety_es_v19__tia_portal_",
            "product": {
              "name": "sirius_safety_es_v19__tia_portal_",
              "product_id": "CSAFPID-1741184",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:sirius_safety_es_v19__tia_portal_:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sirius_soft_starter_es_v17__tia_portal_",
            "product": {
              "name": "sirius_soft_starter_es_v17__tia_portal_",
              "product_id": "CSAFPID-1741185",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:sirius_soft_starter_es_v17__tia_portal_:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sirius_soft_starter_es_v18__tia_portal_",
            "product": {
              "name": "sirius_soft_starter_es_v18__tia_portal_",
              "product_id": "CSAFPID-1741186",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:sirius_soft_starter_es_v18__tia_portal_:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "sirius_soft_starter_es_v19__tia_portal_",
            "product": {
              "name": "sirius_soft_starter_es_v19__tia_portal_",
              "product_id": "CSAFPID-1741187",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:sirius_soft_starter_es_v19__tia_portal_:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "solid_edge_se2024",
            "product": {
              "name": "solid_edge_se2024",
              "product_id": "CSAFPID-1680248",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:solid_edge_se2024:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "solid_edge_se2024",
            "product": {
              "name": "solid_edge_se2024",
              "product_id": "CSAFPID-1741081",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_10:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "solid_edge_se2024",
            "product": {
              "name": "solid_edge_se2024",
              "product_id": "CSAFPID-1741082",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:solid_edge_se2024:224.0:update_4:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "teamcenter_visualization",
            "product": {
              "name": "teamcenter_visualization",
              "product_id": "CSAFPID-342619",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "teamcenter_visualization_v14.2",
            "product": {
              "name": "teamcenter_visualization_v14.2",
              "product_id": "CSAFPID-1615270",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:teamcenter_visualization_v14.2:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "teamcenter_visualization_v14.3",
            "product": {
              "name": "teamcenter_visualization_v14.3",
              "product_id": "CSAFPID-1615271",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:teamcenter_visualization_v14.3:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "teamcenter_visualization_v2312",
            "product": {
              "name": "teamcenter_visualization_v2312",
              "product_id": "CSAFPID-1615272",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:teamcenter_visualization_v2312:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "teamcenter_visualization_v2406",
            "product": {
              "name": "teamcenter_visualization_v2406",
              "product_id": "CSAFPID-1666832",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:teamcenter_visualization_v2406:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tecnomatix_plant_simulation",
            "product": {
              "name": "tecnomatix_plant_simulation",
              "product_id": "CSAFPID-166120",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tecnomatix_plant_simulation",
            "product": {
              "name": "tecnomatix_plant_simulation",
              "product_id": "CSAFPID-1220770",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation:-:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tecnomatix_plant_simulation",
            "product": {
              "name": "tecnomatix_plant_simulation",
              "product_id": "CSAFPID-1741221",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation:2302.0016:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tecnomatix_plant_simulation",
            "product": {
              "name": "tecnomatix_plant_simulation",
              "product_id": "CSAFPID-1727493",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation:2302.0018:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tecnomatix_plant_simulation",
            "product": {
              "name": "tecnomatix_plant_simulation",
              "product_id": "CSAFPID-820358",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation:2302.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tecnomatix_plant_simulation",
            "product": {
              "name": "tecnomatix_plant_simulation",
              "product_id": "CSAFPID-1673843",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation:2303.0000:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tecnomatix_plant_simulation",
            "product": {
              "name": "tecnomatix_plant_simulation",
              "product_id": "CSAFPID-1676081",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation:2403.0000:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tecnomatix_plant_simulation",
            "product": {
              "name": "tecnomatix_plant_simulation",
              "product_id": "CSAFPID-1741220",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation:2404.0005:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tecnomatix_plant_simulation",
            "product": {
              "name": "tecnomatix_plant_simulation",
              "product_id": "CSAFPID-1727496",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation:2404.0007:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tecnomatix_plant_simulation",
            "product": {
              "name": "tecnomatix_plant_simulation",
              "product_id": "CSAFPID-1643856",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation:2404.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tecnomatix_plant_simulation",
            "product": {
              "name": "tecnomatix_plant_simulation",
              "product_id": "CSAFPID-1727495",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation:v2302.0018:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tecnomatix_plant_simulation",
            "product": {
              "name": "tecnomatix_plant_simulation",
              "product_id": "CSAFPID-1727494",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation:v2404.0007:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tecnomatix_plant_simulation_v2302",
            "product": {
              "name": "tecnomatix_plant_simulation_v2302",
              "product_id": "CSAFPID-1637816",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation_v2302:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tecnomatix_plant_simulation_v2302",
            "product": {
              "name": "tecnomatix_plant_simulation_v2302",
              "product_id": "CSAFPID-1465025",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation_v2302:0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tecnomatix_plant_simulation_v2404",
            "product": {
              "name": "tecnomatix_plant_simulation_v2404",
              "product_id": "CSAFPID-1637817",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation_v2404:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tecnomatix_plant_simulation_v2404",
            "product": {
              "name": "tecnomatix_plant_simulation_v2404",
              "product_id": "CSAFPID-1476361",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tecnomatix_plant_simulation_v2404:0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tia_portal_cloud",
            "product": {
              "name": "tia_portal_cloud",
              "product_id": "CSAFPID-1713204",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tia_portal_cloud:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tia_portal_cloud_v16",
            "product": {
              "name": "tia_portal_cloud_v16",
              "product_id": "CSAFPID-1712827",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tia_portal_cloud_v16:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tia_portal_cloud_v17",
            "product": {
              "name": "tia_portal_cloud_v17",
              "product_id": "CSAFPID-1712828",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tia_portal_cloud_v17:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tia_portal_cloud_v18",
            "product": {
              "name": "tia_portal_cloud_v18",
              "product_id": "CSAFPID-1712829",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tia_portal_cloud_v18:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "tia_portal_cloud_v19",
            "product": {
              "name": "tia_portal_cloud_v19",
              "product_id": "CSAFPID-1741188",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:siemens:tia_portal_cloud_v19:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_mx5000",
            "product": {
              "name": "ruggedcom_rox_mx5000",
              "product_id": "CSAFPID-77041",
              "product_identification_helper": {
                "cpe": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_mx5000re",
            "product": {
              "name": "ruggedcom_rox_mx5000re",
              "product_id": "CSAFPID-540801",
              "product_identification_helper": {
                "cpe": "cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1400",
            "product": {
              "name": "ruggedcom_rox_rx1400",
              "product_id": "CSAFPID-77038",
              "product_identification_helper": {
                "cpe": "cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1500",
            "product": {
              "name": "ruggedcom_rox_rx1500",
              "product_id": "CSAFPID-77043",
              "product_identification_helper": {
                "cpe": "cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1501",
            "product": {
              "name": "ruggedcom_rox_rx1501",
              "product_id": "CSAFPID-77042",
              "product_identification_helper": {
                "cpe": "cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1510",
            "product": {
              "name": "ruggedcom_rox_rx1510",
              "product_id": "CSAFPID-77035",
              "product_identification_helper": {
                "cpe": "cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1511",
            "product": {
              "name": "ruggedcom_rox_rx1511",
              "product_id": "CSAFPID-77039",
              "product_identification_helper": {
                "cpe": "cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1512",
            "product": {
              "name": "ruggedcom_rox_rx1512",
              "product_id": "CSAFPID-77037",
              "product_identification_helper": {
                "cpe": "cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1524",
            "product": {
              "name": "ruggedcom_rox_rx1524",
              "product_id": "CSAFPID-77040",
              "product_identification_helper": {
                "cpe": "cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx1536",
            "product": {
              "name": "ruggedcom_rox_rx1536",
              "product_id": "CSAFPID-77036",
              "product_identification_helper": {
                "cpe": "cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "ruggedcom_rox_rx5000",
            "product": {
              "name": "ruggedcom_rox_rx5000",
              "product_id": "CSAFPID-77034",
              "product_identification_helper": {
                "cpe": "cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-28398",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Cross-Site Request Forgery (CSRF)",
          "title": "CWE-352"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1613204",
          "CSAFPID-1613205",
          "CSAFPID-1613206",
          "CSAFPID-1613207",
          "CSAFPID-1613208",
          "CSAFPID-1613209",
          "CSAFPID-1613210",
          "CSAFPID-1613211",
          "CSAFPID-1613212",
          "CSAFPID-1613213",
          "CSAFPID-1613214",
          "CSAFPID-77041",
          "CSAFPID-540801",
          "CSAFPID-77038",
          "CSAFPID-77043",
          "CSAFPID-77042",
          "CSAFPID-77035",
          "CSAFPID-77039",
          "CSAFPID-77037",
          "CSAFPID-77040",
          "CSAFPID-77036",
          "CSAFPID-77034"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-28398",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-28398.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1613204",
            "CSAFPID-1613205",
            "CSAFPID-1613206",
            "CSAFPID-1613207",
            "CSAFPID-1613208",
            "CSAFPID-1613209",
            "CSAFPID-1613210",
            "CSAFPID-1613211",
            "CSAFPID-1613212",
            "CSAFPID-1613213",
            "CSAFPID-1613214",
            "CSAFPID-77041",
            "CSAFPID-540801",
            "CSAFPID-77038",
            "CSAFPID-77043",
            "CSAFPID-77042",
            "CSAFPID-77035",
            "CSAFPID-77039",
            "CSAFPID-77037",
            "CSAFPID-77040",
            "CSAFPID-77036",
            "CSAFPID-77034"
          ]
        }
      ],
      "title": "CVE-2020-28398"
    },
    {
      "cve": "CVE-2024-6657",
      "cwe": {
        "id": "CWE-821",
        "name": "Incorrect Synchronization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Synchronization",
          "title": "CWE-821"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1666785",
          "CSAFPID-1741465"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6657",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6657.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1666785",
            "CSAFPID-1741465"
          ]
        }
      ],
      "title": "CVE-2024-6657"
    },
    {
      "cve": "CVE-2024-41981",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1478981",
          "CSAFPID-1478982",
          "CSAFPID-1478983",
          "CSAFPID-1504458",
          "CSAFPID-1504457",
          "CSAFPID-1504459",
          "CSAFPID-1703072",
          "CSAFPID-1741172",
          "CSAFPID-1741173",
          "CSAFPID-1741174"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-41981",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41981.json"
        }
      ],
      "title": "CVE-2024-41981"
    },
    {
      "cve": "CVE-2024-45463",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1465025",
          "CSAFPID-1476361",
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45463",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45463.json"
        }
      ],
      "title": "CVE-2024-45463"
    },
    {
      "cve": "CVE-2024-45464",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1465025",
          "CSAFPID-1476361",
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45464",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45464.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1465025",
            "CSAFPID-1476361",
            "CSAFPID-1637816",
            "CSAFPID-1637817",
            "CSAFPID-166120",
            "CSAFPID-1615270",
            "CSAFPID-1615271",
            "CSAFPID-1615272"
          ]
        }
      ],
      "title": "CVE-2024-45464"
    },
    {
      "cve": "CVE-2024-45465",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1465025",
          "CSAFPID-1476361",
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45465",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45465.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1465025",
            "CSAFPID-1476361",
            "CSAFPID-1637816",
            "CSAFPID-1637817",
            "CSAFPID-166120",
            "CSAFPID-1615270",
            "CSAFPID-1615271",
            "CSAFPID-1615272"
          ]
        }
      ],
      "title": "CVE-2024-45465"
    },
    {
      "cve": "CVE-2024-45466",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1465025",
          "CSAFPID-1476361",
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45466",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45466.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1465025",
            "CSAFPID-1476361",
            "CSAFPID-1637816",
            "CSAFPID-1637817",
            "CSAFPID-166120",
            "CSAFPID-1615270",
            "CSAFPID-1615271",
            "CSAFPID-1615272"
          ]
        }
      ],
      "title": "CVE-2024-45466"
    },
    {
      "cve": "CVE-2024-45467",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1465025",
          "CSAFPID-1476361",
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45467",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45467.json"
        }
      ],
      "title": "CVE-2024-45467"
    },
    {
      "cve": "CVE-2024-45468",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1465025",
          "CSAFPID-1476361",
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45468",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45468.json"
        }
      ],
      "title": "CVE-2024-45468"
    },
    {
      "cve": "CVE-2024-45469",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1465025",
          "CSAFPID-1476361",
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45469",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45469.json"
        }
      ],
      "title": "CVE-2024-45469"
    },
    {
      "cve": "CVE-2024-45470",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1465025",
          "CSAFPID-1476361",
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45470",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45470.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1465025",
            "CSAFPID-1476361",
            "CSAFPID-1637816",
            "CSAFPID-1637817",
            "CSAFPID-166120",
            "CSAFPID-1615270",
            "CSAFPID-1615271",
            "CSAFPID-1615272"
          ]
        }
      ],
      "title": "CVE-2024-45470"
    },
    {
      "cve": "CVE-2024-45471",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1465025",
          "CSAFPID-1476361",
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45471",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45471.json"
        }
      ],
      "title": "CVE-2024-45471"
    },
    {
      "cve": "CVE-2024-45472",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1465025",
          "CSAFPID-1476361",
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45472",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45472.json"
        }
      ],
      "title": "CVE-2024-45472"
    },
    {
      "cve": "CVE-2024-45473",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1465025",
          "CSAFPID-1476361",
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45473",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45473.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1465025",
            "CSAFPID-1476361",
            "CSAFPID-1637816",
            "CSAFPID-1637817",
            "CSAFPID-166120",
            "CSAFPID-1615270",
            "CSAFPID-1615271",
            "CSAFPID-1615272"
          ]
        }
      ],
      "title": "CVE-2024-45473"
    },
    {
      "cve": "CVE-2024-45474",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1465025",
          "CSAFPID-1476361",
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45474",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45474.json"
        }
      ],
      "title": "CVE-2024-45474"
    },
    {
      "cve": "CVE-2024-45475",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1465025",
          "CSAFPID-1476361",
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45475",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45475.json"
        }
      ],
      "title": "CVE-2024-45475"
    },
    {
      "cve": "CVE-2024-45476",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1465025",
          "CSAFPID-1476361",
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45476",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45476.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1465025",
            "CSAFPID-1476361",
            "CSAFPID-1637816",
            "CSAFPID-1637817",
            "CSAFPID-166120",
            "CSAFPID-1615270",
            "CSAFPID-1615271",
            "CSAFPID-1615272"
          ]
        }
      ],
      "title": "CVE-2024-45476"
    },
    {
      "cve": "CVE-2024-47046",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1478981",
          "CSAFPID-1478982",
          "CSAFPID-1478983",
          "CSAFPID-1504458",
          "CSAFPID-1504457",
          "CSAFPID-1504459",
          "CSAFPID-1703072",
          "CSAFPID-1741172",
          "CSAFPID-1741173",
          "CSAFPID-1741174"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47046",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47046.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1478981",
            "CSAFPID-1478982",
            "CSAFPID-1478983",
            "CSAFPID-1504458",
            "CSAFPID-1504457",
            "CSAFPID-1504459",
            "CSAFPID-1703072",
            "CSAFPID-1741172",
            "CSAFPID-1741173",
            "CSAFPID-1741174"
          ]
        }
      ],
      "title": "CVE-2024-47046"
    },
    {
      "cve": "CVE-2024-49704",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1702511",
          "CSAFPID-1741068",
          "CSAFPID-1741069",
          "CSAFPID-1741070",
          "CSAFPID-1741071",
          "CSAFPID-1741072",
          "CSAFPID-1741073",
          "CSAFPID-396548"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-49704",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-49704.json"
        }
      ],
      "title": "CVE-2024-49704"
    },
    {
      "cve": "CVE-2024-49849",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-99097",
          "CSAFPID-75563",
          "CSAFPID-1713199",
          "CSAFPID-1625341",
          "CSAFPID-1713202",
          "CSAFPID-1713204",
          "CSAFPID-1712825",
          "CSAFPID-1712826",
          "CSAFPID-1703190",
          "CSAFPID-1703191",
          "CSAFPID-1500667",
          "CSAFPID-1741175",
          "CSAFPID-1703187",
          "CSAFPID-1703188",
          "CSAFPID-1703189",
          "CSAFPID-1741176",
          "CSAFPID-1703192",
          "CSAFPID-1703193",
          "CSAFPID-1703194",
          "CSAFPID-1741177",
          "CSAFPID-1702687",
          "CSAFPID-1702688",
          "CSAFPID-1703195",
          "CSAFPID-1741178",
          "CSAFPID-1702694",
          "CSAFPID-1703196",
          "CSAFPID-1703197",
          "CSAFPID-1741179",
          "CSAFPID-1703198",
          "CSAFPID-1703199",
          "CSAFPID-1703200",
          "CSAFPID-1741180",
          "CSAFPID-1703201",
          "CSAFPID-1703202",
          "CSAFPID-1703203",
          "CSAFPID-1741181",
          "CSAFPID-1741182",
          "CSAFPID-1741183",
          "CSAFPID-1741184",
          "CSAFPID-1741185",
          "CSAFPID-1741186",
          "CSAFPID-1741187",
          "CSAFPID-1712827",
          "CSAFPID-1712828",
          "CSAFPID-1712829",
          "CSAFPID-1741188"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-49849",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-49849.json"
        }
      ],
      "title": "CVE-2024-49849"
    },
    {
      "cve": "CVE-2024-52051",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-99097",
          "CSAFPID-75563",
          "CSAFPID-1713199",
          "CSAFPID-1625341",
          "CSAFPID-1713202",
          "CSAFPID-1713204",
          "CSAFPID-1712826",
          "CSAFPID-1741189",
          "CSAFPID-1703191",
          "CSAFPID-1500667",
          "CSAFPID-1741175",
          "CSAFPID-1703188",
          "CSAFPID-1703189",
          "CSAFPID-1741176",
          "CSAFPID-1637854",
          "CSAFPID-1741190",
          "CSAFPID-1703193",
          "CSAFPID-1703194",
          "CSAFPID-1741177",
          "CSAFPID-1702688",
          "CSAFPID-1703195",
          "CSAFPID-1741178",
          "CSAFPID-1703196",
          "CSAFPID-1703197",
          "CSAFPID-1741179",
          "CSAFPID-1703199",
          "CSAFPID-1703200",
          "CSAFPID-1741180",
          "CSAFPID-1703202",
          "CSAFPID-1703203",
          "CSAFPID-1741181",
          "CSAFPID-1741182",
          "CSAFPID-1741183",
          "CSAFPID-1741184",
          "CSAFPID-1741185",
          "CSAFPID-1741186",
          "CSAFPID-1741187",
          "CSAFPID-1712828",
          "CSAFPID-1712829",
          "CSAFPID-1741188"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-52051",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52051.json"
        }
      ],
      "title": "CVE-2024-52051"
    },
    {
      "cve": "CVE-2024-52565",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-1220770",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272",
          "CSAFPID-1666832"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-52565",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52565.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1637816",
            "CSAFPID-1637817",
            "CSAFPID-1220770",
            "CSAFPID-166120",
            "CSAFPID-1615270",
            "CSAFPID-1615271",
            "CSAFPID-1615272",
            "CSAFPID-1666832"
          ]
        }
      ],
      "title": "CVE-2024-52565"
    },
    {
      "cve": "CVE-2024-52566",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-1220770",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272",
          "CSAFPID-1666832"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-52566",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52566.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1637816",
            "CSAFPID-1637817",
            "CSAFPID-1220770",
            "CSAFPID-166120",
            "CSAFPID-1615270",
            "CSAFPID-1615271",
            "CSAFPID-1615272",
            "CSAFPID-1666832"
          ]
        }
      ],
      "title": "CVE-2024-52566"
    },
    {
      "cve": "CVE-2024-52567",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1220770",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272",
          "CSAFPID-1666832"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-52567",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52567.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1637816",
            "CSAFPID-1637817",
            "CSAFPID-166120",
            "CSAFPID-1220770",
            "CSAFPID-1615270",
            "CSAFPID-1615271",
            "CSAFPID-1615272",
            "CSAFPID-1666832"
          ]
        }
      ],
      "title": "CVE-2024-52567"
    },
    {
      "cve": "CVE-2024-52568",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1220770",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272",
          "CSAFPID-1666832"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-52568",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52568.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1637816",
            "CSAFPID-1637817",
            "CSAFPID-166120",
            "CSAFPID-1220770",
            "CSAFPID-1615270",
            "CSAFPID-1615271",
            "CSAFPID-1615272",
            "CSAFPID-1666832"
          ]
        }
      ],
      "title": "CVE-2024-52568"
    },
    {
      "cve": "CVE-2024-52569",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-1220770",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272",
          "CSAFPID-1666832"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-52569",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52569.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1637816",
            "CSAFPID-1637817",
            "CSAFPID-1220770",
            "CSAFPID-166120",
            "CSAFPID-1615270",
            "CSAFPID-1615271",
            "CSAFPID-1615272",
            "CSAFPID-1666832"
          ]
        }
      ],
      "title": "CVE-2024-52569"
    },
    {
      "cve": "CVE-2024-52570",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-1220770",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272",
          "CSAFPID-1666832"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-52570",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52570.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1637816",
            "CSAFPID-1637817",
            "CSAFPID-1220770",
            "CSAFPID-166120",
            "CSAFPID-1615270",
            "CSAFPID-1615271",
            "CSAFPID-1615272",
            "CSAFPID-1666832"
          ]
        }
      ],
      "title": "CVE-2024-52570"
    },
    {
      "cve": "CVE-2024-52571",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272",
          "CSAFPID-1666832"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-52571",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52571.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1637816",
            "CSAFPID-1637817",
            "CSAFPID-166120",
            "CSAFPID-1615270",
            "CSAFPID-1615271",
            "CSAFPID-1615272",
            "CSAFPID-1666832"
          ]
        }
      ],
      "title": "CVE-2024-52571"
    },
    {
      "cve": "CVE-2024-52572",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272",
          "CSAFPID-1666832"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-52572",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52572.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1637816",
            "CSAFPID-1637817",
            "CSAFPID-166120",
            "CSAFPID-1615270",
            "CSAFPID-1615271",
            "CSAFPID-1615272",
            "CSAFPID-1666832"
          ]
        }
      ],
      "title": "CVE-2024-52572"
    },
    {
      "cve": "CVE-2024-52573",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272",
          "CSAFPID-1666832"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-52573",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52573.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1637816",
            "CSAFPID-1637817",
            "CSAFPID-166120",
            "CSAFPID-1615270",
            "CSAFPID-1615271",
            "CSAFPID-1615272",
            "CSAFPID-1666832"
          ]
        }
      ],
      "title": "CVE-2024-52573"
    },
    {
      "cve": "CVE-2024-52574",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1637816",
          "CSAFPID-1637817",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272",
          "CSAFPID-1666832"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-52574",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52574.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1637816",
            "CSAFPID-1637817",
            "CSAFPID-166120",
            "CSAFPID-1615270",
            "CSAFPID-1615271",
            "CSAFPID-1615272",
            "CSAFPID-1666832"
          ]
        }
      ],
      "title": "CVE-2024-52574"
    },
    {
      "cve": "CVE-2024-53041",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-342619",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272",
          "CSAFPID-1637816",
          "CSAFPID-1637817"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-53041",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53041.json"
        }
      ],
      "title": "CVE-2024-53041"
    },
    {
      "cve": "CVE-2024-53242",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-342619",
          "CSAFPID-166120",
          "CSAFPID-1615270",
          "CSAFPID-1615271",
          "CSAFPID-1615272",
          "CSAFPID-1637816",
          "CSAFPID-1637817"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-53242",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53242.json"
        }
      ],
      "title": "CVE-2024-53242"
    },
    {
      "cve": "CVE-2024-53832",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insufficiently Protected Credentials",
          "title": "CWE-522"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1478257"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-53832",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53832.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1478257"
          ]
        }
      ],
      "title": "CVE-2024-53832"
    },
    {
      "cve": "CVE-2024-54005",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-396548",
          "CSAFPID-1702511",
          "CSAFPID-1741068",
          "CSAFPID-1741069",
          "CSAFPID-1741070",
          "CSAFPID-1741071",
          "CSAFPID-1741072",
          "CSAFPID-1741073"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-54005",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54005.json"
        }
      ],
      "title": "CVE-2024-54005"
    },
    {
      "cve": "CVE-2024-54093",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1680248"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-54093",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54093.json"
        }
      ],
      "title": "CVE-2024-54093"
    },
    {
      "cve": "CVE-2024-54094",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1680248"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-54094",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54094.json"
        }
      ],
      "title": "CVE-2024-54094"
    },
    {
      "cve": "CVE-2024-54095",
      "cwe": {
        "id": "CWE-191",
        "name": "Integer Underflow (Wrap or Wraparound)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Underflow (Wrap or Wraparound)",
          "title": "CWE-191"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1680248"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-54095",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-54095.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1680248"
          ]
        }
      ],
      "title": "CVE-2024-54095"
    }
  ]
}

GSD-2020-28398

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2020-28398

Aliases

CVE-2020-28398

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-28398",
    "id": "GSD-2020-28398"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-28398"
      ],
      "id": "GSD-2020-28398",
      "modified": "2023-12-13T01:22:01.369688Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2020-28398",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-28398 (GCVE-0-2020-28398)

SSA-384652

ICSA-24-347-03

FKIE_CVE-2020-28398

CNVD-2024-47914

GHSA-9982-RC28-7H2W

NCSC-2024-0473

GSD-2020-28398

Tags

Sightings

Nomenclature