var-201504-0234
Vulnerability from variot
Siemens SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2 and SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2 allow man-in-the-middle attackers to cause a denial of service via crafted packets on TCP port 102. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A port that can cause a denial of service attack. Multiple Siemens SIMATIC products are prone to a denial-of-service vulnerability. Remote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users. Siemens SIMATIC HMI Comfort Panels and SIMATIC WinCC Runtime Advanced are HMI software for controlling and monitoring machines and equipment from Siemens, Germany
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201504-0234",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "13.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wincc",
"version": "*"
},
{
"model": "simatic hmi comfort panels",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc",
"scope": "lt",
"trust": 0.8,
"vendor": "siemens",
"version": "runtime advanced 13 sp1 upd2"
},
{
"model": "simatic hmi comfort panels before wincc sp1 upd2",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "13"
},
{
"model": "simatic wincc runtime advanced sp1 upd2",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "13"
},
{
"model": "wincc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "13.0"
}
],
"sources": [
{
"db": "IVD",
"id": "984ee090-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
},
{
"db": "CNVD",
"id": "CNVD-2015-02292"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002125"
},
{
"db": "NVD",
"id": "CVE-2015-2822"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-096"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:sp1:*:*:advanced:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:*:sp1:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "13.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-2822"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Quarkslab team and Ilya Karpov from Positive Technologies.",
"sources": [
{
"db": "BID",
"id": "74028"
}
],
"trust": 0.3
},
"cve": "CVE-2015-2822",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2015-2822",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2015-02292",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "984ee090-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "cda955ed-285a-41f6-a455-3a71c5e4729a",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-80783",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-2822",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2015-02292",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201504-096",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "984ee090-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "cda955ed-285a-41f6-a455-3a71c5e4729a",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-80783",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "984ee090-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
},
{
"db": "CNVD",
"id": "CNVD-2015-02292"
},
{
"db": "VULHUB",
"id": "VHN-80783"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002125"
},
{
"db": "NVD",
"id": "CVE-2015-2822"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-096"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2 and SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2 allow man-in-the-middle attackers to cause a denial of service via crafted packets on TCP port 102. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A port that can cause a denial of service attack. Multiple Siemens SIMATIC products are prone to a denial-of-service vulnerability. \nRemote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users. Siemens SIMATIC HMI Comfort Panels and SIMATIC WinCC Runtime Advanced are HMI software for controlling and monitoring machines and equipment from Siemens, Germany",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-2822"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002125"
},
{
"db": "CNVD",
"id": "CNVD-2015-02292"
},
{
"db": "BID",
"id": "74028"
},
{
"db": "IVD",
"id": "984ee090-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
},
{
"db": "VULHUB",
"id": "VHN-80783"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-2822",
"trust": 3.8
},
{
"db": "BID",
"id": "74028",
"trust": 2.0
},
{
"db": "SIEMENS",
"id": "SSA-487246",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201504-096",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2015-02292",
"trust": 1.0
},
{
"db": "ICS CERT",
"id": "ICSA-15-099-01",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002125",
"trust": 0.8
},
{
"db": "IVD",
"id": "984EE090-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "CDA955ED-285A-41F6-A455-3A71C5E4729A",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-80783",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "984ee090-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
},
{
"db": "CNVD",
"id": "CNVD-2015-02292"
},
{
"db": "VULHUB",
"id": "VHN-80783"
},
{
"db": "BID",
"id": "74028"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002125"
},
{
"db": "NVD",
"id": "CVE-2015-2822"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-096"
}
]
},
"id": "VAR-201504-0234",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "984ee090-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
},
{
"db": "CNVD",
"id": "CNVD-2015-02292"
},
{
"db": "VULHUB",
"id": "VHN-80783"
}
],
"trust": 1.662152946
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "984ee090-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
},
{
"db": "CNVD",
"id": "CNVD-2015-02292"
}
]
},
"last_update_date": "2023-12-18T12:07:29.321000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-487246",
"trust": 0.8,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf"
},
{
"title": "Patch for Siemens SIMATIC and SIMATIC WinCC HMI Comfort Panels denial of service vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/57131"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02292"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002125"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-80783"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002125"
},
{
"db": "NVD",
"id": "CVE-2015-2822"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-2822"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/74028"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2822"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-099-01"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02292"
},
{
"db": "VULHUB",
"id": "VHN-80783"
},
{
"db": "BID",
"id": "74028"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002125"
},
{
"db": "NVD",
"id": "CVE-2015-2822"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-096"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "984ee090-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
},
{
"db": "CNVD",
"id": "CNVD-2015-02292"
},
{
"db": "VULHUB",
"id": "VHN-80783"
},
{
"db": "BID",
"id": "74028"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002125"
},
{
"db": "NVD",
"id": "CVE-2015-2822"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-096"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-10T00:00:00",
"db": "IVD",
"id": "984ee090-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-04-10T00:00:00",
"db": "IVD",
"id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
},
{
"date": "2015-04-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02292"
},
{
"date": "2015-04-08T00:00:00",
"db": "VULHUB",
"id": "VHN-80783"
},
{
"date": "2015-04-09T00:00:00",
"db": "BID",
"id": "74028"
},
{
"date": "2015-04-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002125"
},
{
"date": "2015-04-08T16:59:00.067000",
"db": "NVD",
"id": "CVE-2015-2822"
},
{
"date": "2015-04-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201504-096"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02292"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-80783"
},
{
"date": "2015-10-26T16:22:00",
"db": "BID",
"id": "74028"
},
{
"date": "2015-04-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002125"
},
{
"date": "2016-11-28T19:21:57.340000",
"db": "NVD",
"id": "CVE-2015-2822"
},
{
"date": "2015-04-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201504-096"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201504-096"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC HMI Comfort Panels and SIMATIC WinCC Runtime Advanced Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002125"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "984ee090-2351-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "cda955ed-285a-41f6-a455-3a71c5e4729a"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-096"
}
],
"trust": 1.0
}
}
Loading...