FKIE_CVE-2019-10930

Vulnerability from fkie_nvd - Published: 2019-07-11 22:15 - Updated: 2024-11-21 04:20
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
A vulnerability has been identified in All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions ), DIGSI 5 engineering software (All versions < V7.90), SIPROTEC 5 device types 6MD85, 6MD86, 6MD89, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87, 7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86, 7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82, 7UT85, 7UT86, 7UT87 and 7VE85 with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions < V7.90), SIPROTEC 5 device types 7SS85 and 7KE85 (All versions < V8.01), SIPROTEC 5 device types with CPU variants CP200 and the respective Ethernet communication modules (All versions). A remote attacker could use specially crafted packets sent to port 443/TCP to upload, download or delete files in certain parts of the file system.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-899560.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-899560.pdfVendor Advisory
Impacted products
Vendor Product Version
siemens digsi_5_engineering_software 7.90
siemens siprotec_5_digsi_device_driver 7.90
siemens 6md85 -
siemens 6md86 -
siemens 6md89 -
siemens 7sa82 -
siemens 7sa86 -
siemens 7sa87 -
siemens 7sd82 -
siemens 7sd86 -
siemens 7sd87 -
siemens 7sj82 -
siemens 7sj85 -
siemens 7sj86 -
siemens 7sk82 -
siemens 7sk85 -
siemens 7sl82 -
siemens 7sl86 -
siemens 7sl87 -
siemens 7um85 -
siemens 7ut82 -
siemens 7ut85 -
siemens 7ut86 -
siemens 7ut87 -
siemens 7ve85 -
siemens 7vk87 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:digsi_5_engineering_software:7.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "4ECD61D0-7721-4E41-AF27-207270428969",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:siprotec_5_digsi_device_driver:7.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "667C7D61-C8C6-4343-81F6-1545183E6A1B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:6md85:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "23076116-128D-4366-B5BC-B965001FE356",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6md86:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3457758B-A04D-4544-B0FA-DF87AA11D8FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:6md89:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F0672FC-AEC1-445B-B958-AEDB6DCEE1E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7sa82:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF247CA0-37E1-40DF-96F5-9F00128EA250",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7sa86:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDD3C99B-CDD8-4919-BE72-73814C2642A4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7sa87:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBE6CCA9-A246-4EB2-A57B-FE6823A9E3FD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7sd82:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E11B4A68-F533-4AC0-80A9-7374FDFE2DEA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7sd86:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73F8D692-F268-45A4-9348-C67890A58881",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7sd87:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C5A3FFD-17AD-4820-97D3-2F093BD5F322",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7sj82:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5739872A-E271-48BB-ABB5-17608E81AE7A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7sj85:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECC6417D-2C81-4654-B7FF-6C3E1B709962",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7sj86:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C52A6630-46F3-4113-B5E8-F5BAB7801CB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7sk82:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "088AC7F2-4FF3-4EF9-A111-D47DB859ECA1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7sk85:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73DD95AC-9B8F-43CD-9483-2BB9C4E86376",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7sl82:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A9F05D9-C1DF-4D73-8634-239ABFE526DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7sl86:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C6662F7-5E3D-43A8-9984-EF1540BC917B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7sl87:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E122323B-A42B-4DAB-A071-ACF76DC45E28",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7um85:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAA9E810-2C00-4721-B3A6-E7CD7184BA24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7ut82:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E959A8E-21D1-4950-974B-A89693C14DC9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7ut85:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA075D19-21BF-4A7C-87B8-6A9D99799826",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7ut86:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AC0D445-9A9B-4799-8B83-8B15821A6CC1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7ut87:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2A73860-76C5-435B-8150-1EABF644ADA0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7ve85:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D58566D-C2F7-4D9A-ACD6-D493E4531491",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:siemens:7vk87:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D9FD3B7-C7F7-41C1-9290-411F9D912D00",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions ), DIGSI 5 engineering software (All versions \u003c V7.90), SIPROTEC 5 device types 6MD85, 6MD86, 6MD89, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87, 7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86, 7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82, 7UT85, 7UT86, 7UT87 and 7VE85 with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions \u003c V7.90), SIPROTEC 5 device types 7SS85 and 7KE85 (All versions \u003c V8.01), SIPROTEC 5 device types with CPU variants CP200 and the respective Ethernet communication modules (All versions). A remote attacker could use specially crafted packets sent to port 443/TCP to upload, download or delete files in certain parts of the file system."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en todos los dem\u00e1s tipos de dispositivos SIPROTEC 5 con variantes de CPU CP300 y CP100 y los respectivos m\u00f3dulos de comunicaci\u00f3n Ethernet (todas las versiones), software de ingenier\u00eda DIGSI 5 (todas las versiones anteriores a la versi\u00f3n V7.90), tipos de dispositivos SIPROTEC 5 6MD85, 6MD86, 6MD89, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87, 7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86, 7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82, 7UT85, 7UT86, 7UT87 y  7VE85 y CPU con variantes CP300 y CP100 los respectivos m\u00f3dulos de comunicaci\u00f3n Ethernet (todas las versiones anteriores a la versi\u00f3n V7.90), tipos de dispositivos SIPROTEC 5 7SS85 y 7KE85 (todas las versiones anteriores a la versi\u00f3n V8.01), tipos de dispositivos SIPROTEC 5 con variantes de CP200 y los respectivos m\u00f3dulos de comunicaci\u00f3n Ethernet (todas las versiones). Un atacante remoto podr\u00eda usar paquetes especialmente dise\u00f1ados enviados al puerto 443/TCP para cargar, descargar o eliminar archivos en ciertas partes del sistema de archivos"
    }
  ],
  "id": "CVE-2019-10930",
  "lastModified": "2024-11-21T04:20:10.640",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.4,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-07-11T22:15:11.560",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-899560.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-899560.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-552"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-434"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.