cve-2020-7588
Vulnerability from cvelistv5
Published
2020-07-14 13:18
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Opcenter Execution Discrete |
Version: All versions < V3.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:33:19.850Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Opcenter Execution Discrete", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2", }, ], }, { product: "Opcenter Execution Foundation", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2", }, ], }, { product: "Opcenter Execution Process", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.2", }, ], }, { product: "Opcenter Intelligence", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.3", }, ], }, { product: "Opcenter Quality", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V11.3", }, ], }, { product: "Opcenter RD&L", vendor: "Siemens", versions: [ { status: "affected", version: "V8.0", }, ], }, { product: "SIMATIC IT LMS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.6", }, ], }, { product: "SIMATIC IT Production Suite", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V8.0", }, ], }, { product: "SIMATIC Notifier Server for Windows", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS neo", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0 SP1", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 5", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 2", }, ], }, { product: "SIMOCODE ES V15.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 4", }, ], }, { product: "SIMOCODE ES V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 1", }, ], }, { product: "Soft Starter ES V15.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 3", }, ], }, { product: "Soft Starter ES V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 1", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20: Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-10T11:16:56", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2020-7588", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Opcenter Execution Discrete", version: { version_data: [ { version_value: "All versions < V3.2", }, ], }, }, { product_name: "Opcenter Execution Foundation", version: { version_data: [ { version_value: "All versions < V3.2", }, ], }, }, { product_name: "Opcenter Execution Process", version: { version_data: [ { version_value: "All versions < V3.2", }, ], }, }, { product_name: "Opcenter Intelligence", version: { version_data: [ { version_value: "All versions < V3.3", }, ], }, }, { product_name: "Opcenter Quality", version: { version_data: [ { version_value: "All versions < V11.3", }, ], }, }, { product_name: "Opcenter RD&L", version: { version_data: [ { version_value: "V8.0", }, ], }, }, { product_name: "SIMATIC IT LMS", version: { version_data: [ { version_value: "All versions < V2.6", }, ], }, }, { product_name: "SIMATIC IT Production Suite", version: { version_data: [ { version_value: "All versions < V8.0", }, ], }, }, { product_name: "SIMATIC Notifier Server for Windows", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS neo", version: { version_data: [ { version_value: "All versions < V3.0 SP1", }, ], }, }, { product_name: "SIMATIC STEP 7 (TIA Portal) V15", version: { version_data: [ { version_value: "All versions < V15.1 Update 5", }, ], }, }, { product_name: "SIMATIC STEP 7 (TIA Portal) V16", version: { version_data: [ { version_value: "All versions < V16 Update 2", }, ], }, }, { product_name: "SIMOCODE ES V15.1", version: { version_data: [ { version_value: "All versions < V15.1 Update 4", }, ], }, }, { product_name: "SIMOCODE ES V16", version: { version_data: [ { version_value: "All versions < V16 Update 1", }, ], }, }, { product_name: "Soft Starter ES V15.1", version: { version_data: [ { version_value: "All versions < V15.1 Update 3", }, ], }, }, { product_name: "Soft Starter ES V16", version: { version_data: [ { version_value: "All versions < V16 Update 1", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20: Improper Input Validation", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-7588", datePublished: "2020-07-14T13:18:05", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-08-04T09:33:19.850Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:opcenter_execution_discrete:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.2\", \"matchCriteriaId\": \"F33BF89C-F36E-4C8F-ABB9-579E2022DDA6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:opcenter_execution_foundation:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.2\", \"matchCriteriaId\": \"1DCE5E06-B75F-4D21-96CC-70DD373B1811\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:opcenter_execution_process:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.2\", \"matchCriteriaId\": \"C4DD5C57-5877-495C-A01E-747E5DCED9F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA9BAFAE-C26A-4435-80C1-508F0A3EF768\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:opcenter_quality:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"11.3\", \"matchCriteriaId\": \"9DB2F53B-817C-41F3-9B52-85DE702ACCE5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:opcenter_rd\\\\&l:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE037602-C9E8-45D5-9A44-3B73052F478E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_it_lms:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"524AE90C-821A-4864-B3B2-33C083B536CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_it_production_suite:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6324685-60ED-44CC-BAEA-3BEEBE681AC5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_notifier_server:*:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"DE74021F-CE57-42CC-8093-E1B0352410FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D61D4B81-7F51-49BE-83DD-D2C28D23B0EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"15\", \"versionEndIncluding\": \"15.1\", \"matchCriteriaId\": \"2190AEE1-7EEA-48A9-B6C7-FF4B3A26008E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_step_7:16:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"66CB66B9-176E-4FA3-BC67-E7C5972A307C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simatic_step_7:16:update_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E011D6F-CC5F-4278-80AB-D568730AA041\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:simocode_es:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE934FDC-666F-4D9D-9C03-2896875F0A0D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:siemens:soft_starter_es:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA57190F-97BA-4D1D-BC73-F37162B775F9\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.\"}, {\"lang\": \"es\", \"value\": \"Se ha identificado una vulnerabilidad en Opcenter Execution Discrete (Todas las versiones anteriores a V3.2), Opcenter Execution Foundation (Todas las versiones anteriores a V3.2), Opcenter Execution Process (Todas las versiones anteriores a V3.2), Opcenter Intelligence (Todas las versiones anteriores a V3.3), Opcenter Quality (Todas las versiones anteriores a V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (Todas las versiones anteriores a V2.6), SIMATIC IT Production Suite (Todas las versiones anteriores a V8. 0), SIMATIC Notifier Server for Windows (Todas las versiones), SIMATIC PCS neo (Todas las versiones anteriores a V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (Todas las versiones anteriores a V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (Todas las versiones anteriores a V16 Update 2), SIMOCODE ES V15. 1 (Todas las versiones anteriores a V15.1 Update 4), SIMOCODE ES V16 (Todas las versiones anteriores a V16 Update 1), Soft Starter ES V15.1 (Todas las versiones anteriores a V15.1 Update 3), Soft Starter ES V16 (Todas las versiones anteriores a V16 Update 1). El env\\u00edo de un paquete especialmente dise\\u00f1ado al servicio afectado podr\\u00eda causar una denegaci\\u00f3n de servicio remota parcial, que har\\u00eda que el servicio se reiniciara\"}]", id: "CVE-2020-7588", lastModified: "2024-11-21T05:37:25.660", metrics: "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2020-07-14T14:15:18.993", references: "[{\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf\", \"source\": \"productcert@siemens.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]", sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: "[{\"source\": \"productcert@siemens.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2020-7588\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2020-07-14T14:15:18.993\",\"lastModified\":\"2024-11-21T05:37:25.660\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en Opcenter Execution Discrete (Todas las versiones anteriores a V3.2), Opcenter Execution Foundation (Todas las versiones anteriores a V3.2), Opcenter Execution Process (Todas las versiones anteriores a V3.2), Opcenter Intelligence (Todas las versiones anteriores a V3.3), Opcenter Quality (Todas las versiones anteriores a V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (Todas las versiones anteriores a V2.6), SIMATIC IT Production Suite (Todas las versiones anteriores a V8. 0), SIMATIC Notifier Server for Windows (Todas las versiones), SIMATIC PCS neo (Todas las versiones anteriores a V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (Todas las versiones anteriores a V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (Todas las versiones anteriores a V16 Update 2), SIMOCODE ES V15. 1 (Todas las versiones anteriores a V15.1 Update 4), SIMOCODE ES V16 (Todas las versiones anteriores a V16 Update 1), Soft Starter ES V15.1 (Todas las versiones anteriores a V15.1 Update 3), Soft Starter ES V16 (Todas las versiones anteriores a V16 Update 1). El envío de un paquete especialmente diseñado al servicio afectado podría causar una denegación de servicio remota parcial, que haría que el servicio se reiniciara\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:opcenter_execution_discrete:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.2\",\"matchCriteriaId\":\"F33BF89C-F36E-4C8F-ABB9-579E2022DDA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:opcenter_execution_foundation:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.2\",\"matchCriteriaId\":\"1DCE5E06-B75F-4D21-96CC-70DD373B1811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:opcenter_execution_process:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.2\",\"matchCriteriaId\":\"C4DD5C57-5877-495C-A01E-747E5DCED9F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA9BAFAE-C26A-4435-80C1-508F0A3EF768\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:opcenter_quality:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.3\",\"matchCriteriaId\":\"9DB2F53B-817C-41F3-9B52-85DE702ACCE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:opcenter_rd\\\\&l:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE037602-C9E8-45D5-9A44-3B73052F478E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_it_lms:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"524AE90C-821A-4864-B3B2-33C083B536CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_it_production_suite:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6324685-60ED-44CC-BAEA-3BEEBE681AC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_notifier_server:*:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"DE74021F-CE57-42CC-8093-E1B0352410FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D61D4B81-7F51-49BE-83DD-D2C28D23B0EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15\",\"versionEndIncluding\":\"15.1\",\"matchCriteriaId\":\"2190AEE1-7EEA-48A9-B6C7-FF4B3A26008E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_step_7:16:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"66CB66B9-176E-4FA3-BC67-E7C5972A307C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_step_7:16:update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E011D6F-CC5F-4278-80AB-D568730AA041\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simocode_es:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE934FDC-666F-4D9D-9C03-2896875F0A0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:soft_starter_es:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA57190F-97BA-4D1D-BC73-F37162B775F9\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}", }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.