var-201908-1834
Vulnerability from variot
A vulnerability has been identified in SCALANCE SC-600 (V2.0). An authenticated attacker with access to port 22/tcp as well as physical access to an affected device may trigger the device to allow execution of arbitrary commands. The security vulnerability could be exploited by an authenticated attacker with physical access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the confidentiality, integrity and availability of the affected device. SCALANCE SC-600 Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SCALANCE SC-600 is an industrial safety device from Germany's Siemens. This product mainly protects equipment and networks in discrete manufacturing and process industries, and protects industrial communications through mechanisms such as stateful packet inspection firewalls (SPI firewalls) and virtual private networks (VPNs).
Command injection vulnerability exists in Siemens SCALANCE SC-600 V2.0. The vulnerability stems from the fact that the network system or product did not properly filter the special elements in the process of constructing executable commands from external input data. An attacker could use this vulnerability to execute an illegal command. SCALANCE SC firewall is used to protect trusted industrial networks from untrusted networks. It allows filtering of input and output network connections in different ways
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201908-1834",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scalance sc-600",
"scope": "eq",
"trust": 1.8,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "scalance sc-600",
"scope": "eq",
"trust": 1.2,
"vendor": "siemens",
"version": "v2.0"
},
{
"model": "scalance xb-200",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.1"
},
{
"model": "scalance xc-200",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.1"
},
{
"model": "scalance xf-200ba",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.1"
},
{
"model": "scalance xp-200",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.1"
},
{
"model": "scalance xr-300wg",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4.1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-10472"
},
{
"db": "CNVD",
"id": "CNVD-2019-27706"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008095"
},
{
"db": "NVD",
"id": "CVE-2019-10928"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_sc-600_firmware:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_sc-600:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10928"
}
]
},
"cve": "CVE-2019-10928",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-10928",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-10472",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2019-27706",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-142523",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.6,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-10928",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-10928",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2020-10472",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2019-27706",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201908-893",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-142523",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-10472"
},
{
"db": "CNVD",
"id": "CNVD-2019-27706"
},
{
"db": "VULHUB",
"id": "VHN-142523"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008095"
},
{
"db": "NVD",
"id": "CVE-2019-10928"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-893"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SCALANCE SC-600 (V2.0). An authenticated attacker with access to port 22/tcp as well as physical access to an affected device may trigger the device to allow execution of arbitrary commands. The security vulnerability could be exploited by an authenticated attacker with physical access to the affected device. No user interaction is required to exploit this vulnerability. The vulnerability impacts the confidentiality, integrity and availability of the affected device. SCALANCE SC-600 Contains a command injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SCALANCE SC-600 is an industrial safety device from Germany\u0027s Siemens. This product mainly protects equipment and networks in discrete manufacturing and process industries, and protects industrial communications through mechanisms such as stateful packet inspection firewalls (SPI firewalls) and virtual private networks (VPNs). \n\r\n\r\nCommand injection vulnerability exists in Siemens SCALANCE SC-600 V2.0. The vulnerability stems from the fact that the network system or product did not properly filter the special elements in the process of constructing executable commands from external input data. An attacker could use this vulnerability to execute an illegal command. SCALANCE SC firewall is used to protect trusted industrial networks from untrusted networks. It allows filtering of input and output network connections in different ways",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10928"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008095"
},
{
"db": "CNVD",
"id": "CNVD-2020-10472"
},
{
"db": "CNVD",
"id": "CNVD-2019-27706"
},
{
"db": "VULHUB",
"id": "VHN-142523"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10928",
"trust": 3.1
},
{
"db": "SIEMENS",
"id": "SSA-671286",
"trust": 2.9
},
{
"db": "ICS CERT",
"id": "ICSA-19-227-03",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008095",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201908-893",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2020-10472",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2019-27706",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3149",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-142523",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-10472"
},
{
"db": "CNVD",
"id": "CNVD-2019-27706"
},
{
"db": "VULHUB",
"id": "VHN-142523"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008095"
},
{
"db": "NVD",
"id": "CVE-2019-10928"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-893"
}
]
},
"id": "VAR-201908-1834",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-10472"
},
{
"db": "CNVD",
"id": "CNVD-2019-27706"
},
{
"db": "VULHUB",
"id": "VHN-142523"
}
],
"trust": 1.9103673033333335
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-10472"
},
{
"db": "CNVD",
"id": "CNVD-2019-27706"
}
]
},
"last_update_date": "2023-12-18T13:38:12.558000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-671286",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-671286.pdf"
},
{
"title": "Patch for Siemens SCALANCE SC-600 command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/201863"
},
{
"title": "Patch for Siemens SCALANCE SC-600 Command Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/175789"
},
{
"title": "SCALANCE SC-600 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=96581"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-10472"
},
{
"db": "CNVD",
"id": "CNVD-2019-27706"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008095"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-893"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-77",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142523"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008095"
},
{
"db": "NVD",
"id": "CVE-2019-10928"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-671286.pdf"
},
{
"trust": 1.4,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-227-03"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10928"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10928"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-19-227-03"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3149/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-10472"
},
{
"db": "CNVD",
"id": "CNVD-2019-27706"
},
{
"db": "VULHUB",
"id": "VHN-142523"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008095"
},
{
"db": "NVD",
"id": "CVE-2019-10928"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-893"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-10472"
},
{
"db": "CNVD",
"id": "CNVD-2019-27706"
},
{
"db": "VULHUB",
"id": "VHN-142523"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008095"
},
{
"db": "NVD",
"id": "CVE-2019-10928"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-893"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-10472"
},
{
"date": "2019-08-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-27706"
},
{
"date": "2019-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-142523"
},
{
"date": "2019-08-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008095"
},
{
"date": "2019-08-13T19:15:14.767000",
"db": "NVD",
"id": "CVE-2019-10928"
},
{
"date": "2019-08-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-893"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-10472"
},
{
"date": "2019-08-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-27706"
},
{
"date": "2020-10-02T00:00:00",
"db": "VULHUB",
"id": "VHN-142523"
},
{
"date": "2019-10-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008095"
},
{
"date": "2020-10-02T14:09:24.937000",
"db": "NVD",
"id": "CVE-2019-10928"
},
{
"date": "2020-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-893"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SCALANCE SC-600 command injection vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-10472"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-893"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-893"
}
],
"trust": 0.6
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.