VAR-201312-0272
Vulnerability from variot - Updated: 2023-12-18 13:29Siemens SINAMICS S/G controllers with firmware before 4.6.11 do not require authentication for FTP and TELNET sessions, which allows remote attackers to bypass intended access restrictions via TCP traffic to port (1) 21 or (2) 23. Siemens SINAMICS S/G is a frequency converter developed by Siemens and is mainly used for mechanical engineering and plant construction. Siemens SINAMICS S/G are prone to a remote security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and execute administrative commands without proper credentials. Siemens SINAMICS S/G running firmware versions prior to 4.6.11 are vulnerable. The vulnerability stems from the fact that FTP and TELNET sessions do not perform authentication operations
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201312-0272",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinamics s150",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics s120",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics s120cm",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g120c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics s\\/g family",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.6"
},
{
"model": "sinamics g110",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g120p",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g110d",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics s110",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g150",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g120",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g180",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g120d",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g130",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g110",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g110d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g120",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g120c",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g120d",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g120p",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g130",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g150",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics g180",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics s/g family",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "4.6.11"
},
{
"model": "sinamics s110",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics s120",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics s120 cm",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics s150",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "sinamics s/g",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.6.11"
},
{
"model": "sinamics s\\/g family",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "4.6"
},
{
"model": "sinamics s",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "sinamics g",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "sinamics s",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinamics s",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.6.11"
},
{
"model": "sinamics g",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.7"
},
{
"model": "sinamics g",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "4.6.11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics s120",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics g120c",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics g120d",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics s150",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics g150",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics s110",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics g110",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics s 2fg family",
"version": "4.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics g120",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics g110d",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics g180",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics g130",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics s120cm",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinamics g120p",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "6c5b7c0e-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14924"
},
{
"db": "BID",
"id": "64097"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005385"
},
{
"db": "NVD",
"id": "CVE-2013-6920"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-134"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:sinamics_s\\/g_family_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:sinamics_s120cm:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:sinamics_s150:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:sinamics_g110d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:sinamics_g130:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:sinamics_g180:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:sinamics_g120p:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:sinamics_g120d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:sinamics_g120c:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:sinamics_g120:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:sinamics_g110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:sinamics_g150:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:sinamics_s110:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6920"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "64097"
}
],
"trust": 0.3
},
"cve": "CVE-2013-6920",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-6920",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-14924",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "6c5b7c0e-2352-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-66922",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-6920",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-14924",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201312-134",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "6c5b7c0e-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-66922",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "6c5b7c0e-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14924"
},
{
"db": "VULHUB",
"id": "VHN-66922"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005385"
},
{
"db": "NVD",
"id": "CVE-2013-6920"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-134"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SINAMICS S/G controllers with firmware before 4.6.11 do not require authentication for FTP and TELNET sessions, which allows remote attackers to bypass intended access restrictions via TCP traffic to port (1) 21 or (2) 23. Siemens SINAMICS S/G is a frequency converter developed by Siemens and is mainly used for mechanical engineering and plant construction. Siemens SINAMICS S/G are prone to a remote security bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and execute administrative commands without proper credentials. \nSiemens SINAMICS S/G running firmware versions prior to 4.6.11 are vulnerable. The vulnerability stems from the fact that FTP and TELNET sessions do not perform authentication operations",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6920"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005385"
},
{
"db": "CNVD",
"id": "CNVD-2013-14924"
},
{
"db": "BID",
"id": "64097"
},
{
"db": "IVD",
"id": "6c5b7c0e-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-66922"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6920",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-13-338-01",
"trust": 3.4
},
{
"db": "SIEMENS",
"id": "SSA-742938",
"trust": 2.6
},
{
"db": "BID",
"id": "64097",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201312-134",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-14924",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005385",
"trust": 0.8
},
{
"db": "IVD",
"id": "6C5B7C0E-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-66922",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "6c5b7c0e-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14924"
},
{
"db": "VULHUB",
"id": "VHN-66922"
},
{
"db": "BID",
"id": "64097"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005385"
},
{
"db": "NVD",
"id": "CVE-2013-6920"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-134"
}
]
},
"id": "VAR-201312-0272",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "6c5b7c0e-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14924"
},
{
"db": "VULHUB",
"id": "VHN-66922"
}
],
"trust": 1.5468761266666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "6c5b7c0e-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14924"
}
]
},
"last_update_date": "2023-12-18T13:29:47.835000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-742938",
"trust": 0.8,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-742938.pdf"
},
{
"title": "Siemens SINAMICS S/G security bypass vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/41496"
},
{
"title": "Siemens SINAMICS S/G Controller Authentication Bypass Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=109060"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14924"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005385"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-134"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-66922"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005385"
},
{
"db": "NVD",
"id": "CVE-2013-6920"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-13-338-01"
},
{
"trust": 2.6,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-742938.pdf"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-742938.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6920"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6920"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
},
{
"trust": 0.3,
"url": "http://www.industry.siemens.com/drives/global/en/converter/low-voltage-drives/pages/default.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14924"
},
{
"db": "VULHUB",
"id": "VHN-66922"
},
{
"db": "BID",
"id": "64097"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005385"
},
{
"db": "NVD",
"id": "CVE-2013-6920"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-134"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "6c5b7c0e-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14924"
},
{
"db": "VULHUB",
"id": "VHN-66922"
},
{
"db": "BID",
"id": "64097"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005385"
},
{
"db": "NVD",
"id": "CVE-2013-6920"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-134"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-09T00:00:00",
"db": "IVD",
"id": "6c5b7c0e-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-12-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14924"
},
{
"date": "2013-12-07T00:00:00",
"db": "VULHUB",
"id": "VHN-66922"
},
{
"date": "2013-12-04T00:00:00",
"db": "BID",
"id": "64097"
},
{
"date": "2013-12-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005385"
},
{
"date": "2013-12-07T00:55:04.147000",
"db": "NVD",
"id": "CVE-2013-6920"
},
{
"date": "2013-12-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-134"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14924"
},
{
"date": "2020-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-66922"
},
{
"date": "2013-12-04T00:00:00",
"db": "BID",
"id": "64097"
},
{
"date": "2013-12-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005385"
},
{
"date": "2020-02-10T15:15:12.573000",
"db": "NVD",
"id": "CVE-2013-6920"
},
{
"date": "2020-02-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-134"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201312-134"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SINAMICS S/G Security Bypass Vulnerability",
"sources": [
{
"db": "IVD",
"id": "6c5b7c0e-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14924"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201312-134"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…