admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-01-10 12:00:41 +00:00
parent 2d66db0b9e
commit c37e921847
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
46 changed files with 9137 additions and 3668 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

103
2018/16xxx/CVE-2018-16556.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16556",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2018-16556",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.2.1). Specially crafted packets sent to port 102/tcp via Ethernet interface, via PROFIBUS, or via Multi Point Interfaces (MPI) could cause the affected devices to go into defect mode. Manual reboot is required to resume normal operation. Successful exploitation requires an attacker to be able to send specially crafted packets to port 102/tcp via Ethernet interface, via PROFIBUS or Multi Point Interfaces (MPI). No user interaction and no user privileges are required to exploit the security vulnerability. The vulnerability could allow causing a denial of service condition of the core functionality of the CPU, compromising the availability of the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -14,22 +35,13 @@
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SIMATIC S7-400 DP V7 CPU family (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -39,7 +51,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V6.0.9"
"version_value": "All versions < V6.0.9",
"version_affected": "="
}
]
}
@ -49,7 +62,19 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -59,7 +84,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V8.2.1"
"version_value": "All versions < V8.2.1",
"version_affected": "="
}
]
}
@ -70,38 +96,23 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC S7-400 DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.2.1). Specially crafted packets sent to port 102/tcp via Ethernet interface, via PROFIBUS, or via Multi Point Interfaces (MPI) could cause the affected devices to go into defect mode. Manual reboot is required to resume normal operation. Successful exploitation requires an attacker to be able to send specially crafted packets to port 102/tcp via Ethernet interface, via PROFIBUS or Multi Point Interfaces (MPI). No user interaction and no user privileges are required to exploit the security vulnerability. The vulnerability could allow causing a denial of service condition of the core functionality of the CPU, compromising the availability of the system."
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-317-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-317-02"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-113131.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-113131.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
]
}
}

103
2018/16xxx/CVE-2018-16557.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-16557",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2018-16557",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.2.1). Sending of specially crafted packets to port 102/tcp via Ethernet interface via PROFIBUS or Multi Point Interfaces (MPI) could cause a denial of service condition on affected devices. Flashing with a firmware image may be required to recover the CPU. Successful exploitation requires an attacker to have network access to port 102/tcp via Ethernet interface or to be able to send messages via PROFIBUS or Multi Point Interfaces (MPI) to the device. No user interaction is required. If no access protection is configured, no privileges are required to exploit the security vulnerability. The vulnerability could allow causing a denial of service condition of the core functionality of the CPU, compromising the availability of the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347: Improper Verification of Cryptographic Signature",
"cweId": "CWE-347"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -14,22 +35,13 @@
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SIMATIC S7-400 DP V7 CPU family (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -39,7 +51,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V6.0.9"
"version_value": "All versions < V6.0.9",
"version_affected": "="
}
]
}
@ -49,7 +62,19 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -59,7 +84,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V8.2.1"
"version_value": "All versions < V8.2.1",
"version_affected": "="
}
]
}
@ -70,38 +96,23 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347: Improper Verification of Cryptographic Signature"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC S7-400 DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.2.1). Sending of specially crafted packets to port 102/tcp via Ethernet interface via PROFIBUS or Multi Point Interfaces (MPI) could cause a denial of service condition on affected devices. Flashing with a firmware image may be required to recover the CPU. Successful exploitation requires an attacker to have network access to port 102/tcp via Ethernet interface or to be able to send messages via PROFIBUS or Multi Point Interfaces (MPI) to the device. No user interaction is required. If no access protection is configured, no privileges are required to exploit the security vulnerability. The vulnerability could allow causing a denial of service condition of the core functionality of the CPU, compromising the availability of the system."
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-317-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-317-02"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-113131.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-113131.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C",
"baseScore": 8.2,
"baseSeverity": "HIGH"
}
]
}
}

359
2018/4xxx/CVE-2018-4843.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-4843",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2018-4843",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V1.7.0), SIMATIC S7-1500 Software Controller (All versions < V1.7.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.16), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.16), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.7), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.1), SIMATIC WinAC RTX 2010 (All versions < V2010 SP3), SIMATIC WinAC RTX F 2010 (All versions < V2010 SP3), SINUMERIK 828D (All versions < V4.7 SP6 HF1), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.16), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.16), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.16), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.16), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.16), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted PROFINET DCP packet could cause a Denial-of-Service condition of the requesting system. The security vulnerability could be exploited by an attacker located on the same Ethernet segment (OSI Layer 2) as the targeted device. Successful exploitation requires no user interaction or privileges and impacts the availability of core functionality of the affected device. A manual restart is required to recover the system. At the time of advisory publication no public exploitation of this security vulnerability is known. Siemens provides mitigations to resolve the security issue. PROFIBUS interfaces are not affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,7 +40,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -29,7 +51,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -39,7 +62,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -49,7 +73,63 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET 200pro IM154-8 PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET 200pro IM154-8F PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET 200pro IM154-8FX PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET 200S IM151-8 PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET 200S IM151-8F PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
@ -59,27 +139,129 @@
"version": {
"version_data": [
{
"version_value": "All versions < V1.7.0"
"version_value": "All versions < V1.7.0",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 Software Controller (incl. F)",
"product_name": "SIMATIC S7-1500 Software Controller",
"version": {
"version_data": [
{
"version_value": "All versions < V1.7.0"
"version_value": "All versions < V1.7.0",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"product_name": "SIMATIC S7-300 CPU 314C-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.16"
"version_value": "All versions < V3.3.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 315-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 315F-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 315T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 317-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 317F-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 317T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 317TF-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 319-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 319F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
@ -89,7 +271,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V6.0.9"
"version_value": "All versions < V6.0.9",
"version_affected": "="
}
]
}
@ -99,7 +282,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V6.0.7"
"version_value": "All versions < V6.0.7",
"version_affected": "="
}
]
}
@ -109,7 +293,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -119,17 +304,30 @@
"version": {
"version_data": [
{
"version_value": "All versions < V8.1"
"version_value": "All versions < V8.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC WinAC RTX (F) 2010",
"product_name": "SIMATIC WinAC RTX 2010",
"version": {
"version_data": [
{
"version_value": "All versions < SIMATIC WinAC RTX 2010 SP3"
"version_value": "All versions < V2010 SP3",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC WinAC RTX F 2010",
"version": {
"version_data": [
{
"version_value": "All versions < V2010 SP3",
"version_affected": "="
}
]
}
@ -139,7 +337,85 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.7 SP6 HF1"
"version_value": "All versions < V4.7 SP6 HF1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200S IM151-8 PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200S IM151-8F PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 314C-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.3.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 315-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 315F-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 317-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 317F-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.16",
"version_affected": "="
}
]
}
@ -149,7 +425,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -160,32 +437,22 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 (incl. SIPLUS variants) (All versions), SIMATIC CP 443-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V1.7.0), SIMATIC S7-1500 Software Controller (incl. F) (All versions < V1.7.0), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.16), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.7), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.1), SIMATIC WinAC RTX (F) 2010 (All versions < SIMATIC WinAC RTX 2010 SP3), SINUMERIK 828D (All versions < V4.7 SP6 HF1), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted PROFINET DCP packet could cause a Denial-of-Service condition of the requesting system. The security vulnerability could be exploited by an attacker located on the same Ethernet segment (OSI Layer 2) as the targeted device. Successful exploitation requires no user interaction or privileges and impacts the availability of core functionality of the affected device. A manual restart is required to recover the system. At the time of advisory publication no public exploitation of this security vulnerability is known. Siemens provides mitigations to resolve the security issue. PROFIBUS interfaces are not affected."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf"
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
]
}

449
2019/10xxx/CVE-2019-10923.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-10923",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-10923",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SCALANCE X-200IRT switch family (incl. SIPLUS NET variants), SIMATIC ET 200pro IM154-8 PN/DP CPU, SIMATIC ET 200pro IM154-8F PN/DP CPU, SIMATIC ET 200pro IM154-8FX PN/DP CPU, SIMATIC ET 200S IM151-8 PN/DP CPU, SIMATIC ET 200S IM151-8F PN/DP CPU, SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 4AO U/I 4xM12, SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12, SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12, SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12, SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12, SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12, SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12, SIMATIC ET200ecoPN: IO-Link Master, SIMATIC ET200M (incl. SIPLUS variants), SIMATIC ET200pro, SIMATIC ET200S (incl. SIPLUS variants), SIMATIC NET CP 1604, SIMATIC NET CP 1616, SIMATIC PN/PN Coupler (incl. SIPLUS NET variants), SIMATIC S7-300 CPU 314C-2 PN/DP, SIMATIC S7-300 CPU 315-2 PN/DP, SIMATIC S7-300 CPU 315F-2 PN/DP, SIMATIC S7-300 CPU 315T-3 PN/DP, SIMATIC S7-300 CPU 317-2 PN/DP, SIMATIC S7-300 CPU 317F-2 PN/DP, SIMATIC S7-300 CPU 317T-3 PN/DP, SIMATIC S7-300 CPU 317TF-3 PN/DP, SIMATIC S7-300 CPU 319-3 PN/DP, SIMATIC S7-300 CPU 319F-3 PN/DP, SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants), SIMATIC WinAC RTX 2010, SIMATIC WinAC RTX F 2010, SIMOTION (incl. SIPLUS variants), SINAMICS DCM, SINAMICS DCP, SINAMICS G110M V4.7 Control Unit, SINAMICS G120 V4.7 Control Unit (incl. SIPLUS variants), SINAMICS G130 V4.7 Control Unit, SINAMICS G150 Control Unit, SINAMICS GH150 V4.7 Control Unit, SINAMICS GL150 V4.7 Control Unit, SINAMICS GM150 V4.7 Control Unit, SINAMICS S110 Control Unit, SINAMICS S120 V4.7 Control Unit and CBE20 (incl. SIPLUS variants), SINAMICS S150 Control Unit, SINAMICS SL150 V4.7 Control Unit, SINAMICS SM120 V4.7 Control Unit, SINUMERIK 828D, SINUMERIK 840D sl, SIPLUS ET 200S IM151-8 PN/DP CPU, SIPLUS ET 200S IM151-8F PN/DP CPU, SIPLUS S7-300 CPU 314C-2 PN/DP, SIPLUS S7-300 CPU 315-2 PN/DP, SIPLUS S7-300 CPU 315F-2 PN/DP, SIPLUS S7-300 CPU 317-2 PN/DP, SIPLUS S7-300 CPU 317F-2 PN/DP. An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption",
"cweId": "CWE-400"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,7 +40,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.1.1 Patch 05"
"version_value": "All versions < V4.1.1 Patch 05",
"version_affected": "="
}
]
}
@ -29,7 +51,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.5.0 Patch 01"
"version_value": "All versions < V4.5.0 Patch 01",
"version_affected": "="
}
]
}
@ -39,7 +62,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.5.0"
"version_value": "All versions < V4.5.0",
"version_affected": "="
}
]
}
@ -49,27 +73,63 @@
"version": {
"version_data": [
{
"version_value": "All versions < V5.2.1"
"version_value": "All versions < V5.2.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET200M (incl. SIPLUS variants)",
"product_name": "SIMATIC ET 200pro IM154-8 PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET200S (incl. SIPLUS variants)",
"product_name": "SIMATIC ET 200pro IM154-8F PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET 200pro IM154-8FX PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET 200S IM151-8 PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET 200S IM151-8F PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
@ -79,7 +139,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -89,7 +150,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -99,7 +161,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -109,7 +172,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -119,7 +183,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -129,7 +194,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -139,7 +205,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -149,7 +216,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -159,7 +227,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -169,7 +238,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -179,7 +249,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -189,7 +260,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -199,7 +271,19 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET200M (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -209,7 +293,19 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET200S (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -219,7 +315,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V2.8"
"version_value": "All versions < V2.8",
"version_affected": "="
}
]
}
@ -229,27 +326,129 @@
"version": {
"version_data": [
{
"version_value": "All versions < V2.8"
"version_value": "All versions < V2.8",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (incl. SIPLUS NET variant)",
"product_name": "SIMATIC PN/PN Coupler (incl. SIPLUS NET variants)",
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"product_name": "SIMATIC S7-300 CPU 314C-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17"
"version_value": "All versions < V3.3.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 315-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 315F-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 315T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 317-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 317F-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 317T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 317TF-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 319-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 319F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
@ -259,7 +458,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -269,17 +469,30 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC WinAC RTX (F) 2010",
"product_name": "SIMATIC WinAC RTX 2010",
"version": {
"version_data": [
{
"version_value": "All versions < SIMATIC WinAC RTX 2010 SP3"
"version_value": "All versions < V2010 SP3",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC WinAC RTX F 2010",
"version": {
"version_data": [
{
"version_value": "All versions < V2010 SP3",
"version_affected": "="
}
]
}
@ -289,7 +502,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -299,7 +513,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V1.5 HF1"
"version_value": "All versions < V1.5 HF1",
"version_affected": "="
}
]
}
@ -309,7 +524,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V1.3"
"version_value": "All versions < V1.3",
"version_affected": "="
}
]
}
@ -319,7 +535,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.7 SP10 HF5"
"version_value": "All versions < V4.7 SP10 HF5",
"version_affected": "="
}
]
}
@ -329,7 +546,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.7 SP10 HF5"
"version_value": "All versions < V4.7 SP10 HF5",
"version_affected": "="
}
]
}
@ -339,7 +557,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.7 HF29"
"version_value": "All versions < V4.7 HF29",
"version_affected": "="
}
]
}
@ -349,7 +568,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.8"
"version_value": "All versions < V4.8",
"version_affected": "="
}
]
}
@ -359,7 +579,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -369,7 +590,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -379,7 +601,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -389,7 +612,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -399,7 +623,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.7 HF34"
"version_value": "All versions < V4.7 HF34",
"version_affected": "="
}
]
}
@ -409,7 +634,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.8"
"version_value": "All versions < V4.8",
"version_affected": "="
}
]
}
@ -419,7 +645,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.7 HF33"
"version_value": "All versions < V4.7 HF33",
"version_affected": "="
}
]
}
@ -429,7 +656,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -439,7 +667,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.8 SP5"
"version_value": "All versions < V4.8 SP5",
"version_affected": "="
}
]
}
@ -449,7 +678,85 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions < V4.8 SP5",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200S IM151-8 PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200S IM151-8F PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 314C-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.3.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 315-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 315F-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 317-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 317F-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.17",
"version_affected": "="
}
]
}
@ -460,33 +767,23 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions < V4.1.1 Patch 05), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions < V4.5.0 Patch 01), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.5.0), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.2.1), SIMATIC ET200M (incl. SIPLUS variants) (All versions), SIMATIC ET200S (incl. SIPLUS variants) (All versions), SIMATIC ET200ecoPN, 16DI, DC24V, 8xM12 (All versions), SIMATIC ET200ecoPN, 16DO DC24V/1,3A, 8xM12 (All versions), SIMATIC ET200ecoPN, 4AO U/I 4xM12 (All versions), SIMATIC ET200ecoPN, 8 DIO, DC24V/1,3A, 8xM12 (All versions), SIMATIC ET200ecoPN, 8 DO, DC24V/2A, 8xM12 (All versions), SIMATIC ET200ecoPN, 8AI RTD/TC 8xM12 (All versions), SIMATIC ET200ecoPN, 8AI; 4 U/I; 4 RTD/TC 8xM12 (All versions), SIMATIC ET200ecoPN, 8DI, DC24V, 4xM12 (All versions), SIMATIC ET200ecoPN, 8DI, DC24V, 8xM12 (All versions), SIMATIC ET200ecoPN, 8DO, DC24V/0,5A, 4xM12 (All versions), SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 4xM12 (All versions), SIMATIC ET200ecoPN, 8DO, DC24V/1,3A, 8xM12 (All versions), SIMATIC ET200ecoPN: IO-Link Master (All versions), SIMATIC ET200pro (All versions), SIMATIC NET CP 1604 (All versions < V2.8), SIMATIC NET CP 1616 (All versions < V2.8), SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (incl. SIPLUS NET variant) (All versions), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions < SIMATIC WinAC RTX 2010 SP3), SIMOTION (incl. SIPLUS variants) (All versions), SINAMICS DCM (All versions < V1.5 HF1), SINAMICS DCP (All versions < V1.3), SINAMICS G110M V4.7 Control Unit (All versions < V4.7 SP10 HF5), SINAMICS G120 V4.7 Control Unit (incl. SIPLUS variants) (All versions < V4.7 SP10 HF5), SINAMICS G130 V4.7 Control Unit (All versions < V4.7 HF29), SINAMICS G150 Control Unit (All versions < V4.8), SINAMICS GH150 V4.7 Control Unit (All versions), SINAMICS GL150 V4.7 Control Unit (All versions), SINAMICS GM150 V4.7 Control Unit (All versions), SINAMICS S110 Control Unit (All versions), SINAMICS S120 V4.7 Control Unit and CBE20 (incl. SIPLUS variants) (All versions < V4.7 HF34), SINAMICS S150 Control Unit (All versions < V4.8), SINAMICS SL150 V4.7 Control Unit (All versions < V4.7 HF33), SINAMICS SM120 V4.7 Control Unit (All versions), SINUMERIK 828D (All versions < V4.8 SP5), SINUMERIK 840D sl (All versions). An attacker with network access to an affected product may cause a Denial-of-Service condition by breaking the real-time synchronization (IRT) of the affected installation. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected installation. No user interaction is required to exploit this security vulnerability. The vulnerability impacts the availability of the affected installations."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-349422.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-349422.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
]
}
}

596
2019/10xxx/CVE-2019-10936.json
View File

File diff suppressed because it is too large Load Diff

333
2019/13xxx/CVE-2019-13940.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-13940",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-13940",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.1), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.X.17), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.X.17), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinAC RTX F 2010 (All versions), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.X.17), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.X.17), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.X.17), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.X.17). Affected devices contain a vulnerability that could cause a denial of service condition of the web server by sending specially crafted HTTP requests to ports 80/tcp and 443/tcp. Beyond the web service, no other functions or interfaces are affected by the denial of service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption",
"cweId": "CWE-400"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -15,21 +36,177 @@
"product": {
"product_data": [
{
"product_name": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
"product_name": "SIMATIC ET 200pro IM154-8 PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V4.1"
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 PN/DP CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"product_name": "SIMATIC ET 200pro IM154-8F PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17"
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET 200pro IM154-8FX PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET 200S IM151-8 PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET 200S IM151-8F PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions < V4.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 314C-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 315-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 315F-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 315T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 317-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 317F-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 317T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 317TF-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 319-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-300 CPU 319F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
@ -39,7 +216,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -49,17 +227,107 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC WinAC RTX (F) 2010",
"product_name": "SIMATIC WinAC RTX 2010",
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC WinAC RTX F 2010",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200S IM151-8 PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200S IM151-8F PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 314C-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 315-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 315F-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 317-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-300 CPU 317F-2 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.X.17",
"version_affected": "="
}
]
}
@ -70,37 +338,22 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.1), SIMATIC S7-300 PN/DP CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions). Affected devices contain a vulnerability that could cause a Denial-of-Service condition of the web server by sending specially crafted HTTP requests to ports 80/tcp and 443/tcp. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device\u2019s web server. Beyond the web service, no other functions or interfaces are affected by the Denial-of-Service condition."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-431678.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-431678.pdf"
},
{
"refsource": "MISC",
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-042-05",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-042-05"
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-431678.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
]
}

301
2019/19xxx/CVE-2019-19300.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-19300",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2019-19300",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions), KTK ATE530S (All versions), SIDOOR ATD430W (All versions), SIDOOR ATE530S COATED (All versions), SIDOOR ATE531S (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions < V2.0), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.0), SIMATIC ET200AL IM157-1 PN (All versions), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 MF HF (All versions), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC MICRO-DRIVE PDC (All versions), SIMATIC PN/MF Coupler (All versions), SIMATIC PN/PN Coupler (incl. SIPLUS NET variants) (All versions >= V4.2), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.0), SIMATIC S7-1500 Software Controller (All versions < V2.0), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family and below (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions), SIMATIC TDC CP51M1 (All versions), SIMATIC TDC CPU555 (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinAC RTX F 2010 (All versions), SINAMICS S/G Control Unit w. PROFINET (All versions). The Interniche-based TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption",
"cweId": "CWE-400"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,7 +40,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -29,7 +51,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -39,7 +62,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -49,7 +73,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -59,7 +84,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -69,7 +95,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -79,7 +106,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V2.0"
"version_value": "All versions < V2.0",
"version_affected": "="
}
]
}
@ -89,7 +117,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V2.0"
"version_value": "All versions < V2.0",
"version_affected": "="
}
]
}
@ -99,67 +128,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions >= V4.2"
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 MF HF",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions >= V4.2"
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions >= V4.2"
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions >= V4.2"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -169,7 +139,8 @@
"version": {
"version_data": [
{
"version_value": "All versions >= V5.1.1"
"version_value": "All versions >= V5.1.1",
"version_affected": "="
}
]
}
@ -179,7 +150,8 @@
"version": {
"version_data": [
{
"version_value": "All versions >= V5.1.1"
"version_value": "All versions >= V5.1.1",
"version_affected": "="
}
]
}
@ -189,7 +161,8 @@
"version": {
"version_data": [
{
"version_value": "All versions >= V5.1.1"
"version_value": "All versions >= V5.1.1",
"version_affected": "="
}
]
}
@ -199,7 +172,8 @@
"version": {
"version_data": [
{
"version_value": "All versions >= V5.1.1"
"version_value": "All versions >= V5.1.1",
"version_affected": "="
}
]
}
@ -209,7 +183,8 @@
"version": {
"version_data": [
{
"version_value": "All versions >= V5.1.1"
"version_value": "All versions >= V5.1.1",
"version_affected": "="
}
]
}
@ -219,7 +194,74 @@
"version": {
"version_data": [
{
"version_value": "All versions >= V5.1.1"
"version_value": "All versions >= V5.1.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions >= V4.2",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 MF HF",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions >= V4.2",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions >= V4.2",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions >= V4.2",
"version_affected": "="
}
]
}
@ -229,7 +271,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -239,7 +282,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -249,7 +293,8 @@
"version": {
"version_data": [
{
"version_value": "All versions >= V4.2"
"version_value": "All versions >= V4.2",
"version_affected": "="
}
]
}
@ -259,7 +304,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.4.0"
"version_value": "All versions < V4.4.0",
"version_affected": "="
}
]
}
@ -269,7 +315,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V2.0"
"version_value": "All versions < V2.0",
"version_affected": "="
}
]
}
@ -279,7 +326,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V2.0"
"version_value": "All versions < V2.0",
"version_affected": "="
}
]
}
@ -289,7 +337,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -299,27 +348,41 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-400 PN/DP V7 and below CPU family (incl. SIPLUS variants)",
"product_name": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-410 CPU family (incl. SIPLUS variants)",
"product_name": "SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions < V10.1.1"
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -329,7 +392,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -339,7 +403,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -349,7 +414,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -359,7 +425,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -369,7 +436,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -380,37 +448,22 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions), KTK ATE530S (All versions), SIDOOR ATD430W (All versions), SIDOOR ATE530S COATED (All versions), SIDOOR ATE531S (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions < V2.0), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.0), SIMATIC ET200AL IM157-1 PN (All versions), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 MF HF (All versions), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC MICRO-DRIVE PDC (All versions), SIMATIC PN/MF Coupler (All versions), SIMATIC PN/PN Coupler (incl. SIPLUS NET variants) (All versions >= V4.2), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.0), SIMATIC S7-1500 Software Controller (All versions < V2.0), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family and below (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V10.1.1), SIMATIC TDC CP51M1 (All versions), SIMATIC TDC CPU555 (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinAC RTX F 2010 (All versions), SINAMICS S/G Control Unit w. PROFINET (All versions). The Interniche-based TCP Stack can be forced to make very expensive calls for every incoming packet which can lead to a denial of service."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf"
},
{
"refsource": "MISC",
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-105-08",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-105-08"
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
]
}

560
2019/6xxx/CVE-2019-6568.json
View File

File diff suppressed because it is too large Load Diff

839
2021/40xxx/CVE-2021-40365.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-40365",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-40365",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC Drive Controller family, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU 1510SP F-1 PN, SIMATIC S7-1500 CPU 1510SP-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511T-1 PN, SIMATIC S7-1500 CPU 1511TF-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512SP F-1 PN, SIMATIC S7-1500 CPU 1512SP-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513R-1 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515R-2 PN, SIMATIC S7-1500 CPU 1515T-2 PN, SIMATIC S7-1500 CPU 1515TF-2 PN, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516T-3 PN/DP, SIMATIC S7-1500 CPU 1516TF-3 PN/DP, SIMATIC S7-1500 CPU 1517-3 PN/DP, SIMATIC S7-1500 CPU 1517F-3 PN/DP, SIMATIC S7-1500 CPU 1517H-3 PN, SIMATIC S7-1500 CPU 1517T-3 PN/DP, SIMATIC S7-1500 CPU 1517TF-3 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518-4F PN/DP, SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518HF-4 PN, SIMATIC S7-1500 CPU 1518T-4 PN/DP, SIMATIC S7-1500 CPU 1518TF-4 PN/DP, SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK, SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN, SIMATIC S7-1500 Software Controller, SIMATIC S7-PLCSIM Advanced, SIPLUS ET 200SP CPU 1510SP F-1 PN, SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN RAIL, SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL, SIPLUS S7-1500 CPU 1515R-2 PN, SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1517H-3 PN, SIPLUS S7-1500 CPU 1518-4 PN/DP, SIPLUS S7-1500 CPU 1518-4 PN/DP MFP, SIPLUS S7-1500 CPU 1518F-4 PN/DP, SIPLUS S7-1500 CPU 1518HF-4 PN, SIPLUS TIM 1531 IRC, TIM 1531 IRC. Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,7 +40,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1"
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
@ -29,7 +51,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -39,17 +62,448 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.6.0"
"version_value": "All versions < V4.6.0",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"product_name": "SIMATIC S7-1500 CPU 1510SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1"
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1510SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511C-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511T-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511TF-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1512C-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1512SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1512SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1513-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1513F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1513R-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515R-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515T-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515TF-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517H-3 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518-4F PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518HF-4 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518T-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -59,7 +513,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -69,7 +524,327 @@
"version": {
"version_data": [
{
"version_value": "All versions < V5.0"
"version_value": "All versions < V5.0",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1513-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1513F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515F-2 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515R-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1517H-3 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518F-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518HF-4 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
@ -79,7 +854,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -89,7 +865,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -100,33 +877,23 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.6.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.0.1), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V5.0), SIPLUS TIM 1531 IRC (All versions), TIM 1531 IRC (All versions). Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
]
}
}

90
2021/44xxx/CVE-2021-44002.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-44002",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-44002",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15058, ZDI-CAN-19076, ZDI-CAN-19077)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -15,21 +36,34 @@
"product": {
"product_data": [
{
"product_name": "JT2Go",
"product_name": "JT Open",
"version": {
"version_data": [
{
"version_value": "All versions < V13.2.0.5"
"version_value": "All versions < V11.1.1.0",
"version_affected": "="
}
]
}
},
{
"product_name": "Teamcenter Visualization",
"product_name": "JT Utilities",
"version": {
"version_data": [
{
"version_value": "All versions < V13.2.0.5"
"version_value": "All versions < V13.1.1.0",
"version_affected": "="
}
]
}
},
{
"product_name": "Solid Edge",
"version": {
"version_data": [
{
"version_value": "All versions < V2023",
"version_affected": "="
}
]
}
@ -40,37 +74,27 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Jt1001.dll contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15058)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-595101.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-595101.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-936212.pdf",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-006/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-006/"
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-936212.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

90
2021/44xxx/CVE-2021-44014.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-44014",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-44014",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a use-after-free vulnerability that could be triggered while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15057, ZDI-CAN-19081)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -15,21 +36,34 @@
"product": {
"product_data": [
{
"product_name": "JT2Go",
"product_name": "JT Open",
"version": {
"version_data": [
{
"version_value": "All versions < V13.2.0.5"
"version_value": "All versions < V11.1.1.0",
"version_affected": "="
}
]
}
},
{
"product_name": "Teamcenter Visualization",
"product_name": "JT Utilities",
"version": {
"version_data": [
{
"version_value": "All versions < V13.2.0.5"
"version_value": "All versions < V13.1.1.0",
"version_affected": "="
}
]
}
},
{
"product_name": "Solid Edge",
"version": {
"version_data": [
{
"version_value": "All versions < V2023",
"version_affected": "="
}
]
}
@ -40,37 +74,27 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Jt1001.dll contains a use-after-free vulnerability that could be triggered while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15057)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-595101.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-595101.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-936212.pdf",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-005/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-005/"
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-936212.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

839
2021/44xxx/CVE-2021-44693.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-44693",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-44693",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC Drive Controller family, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU 1510SP F-1 PN, SIMATIC S7-1500 CPU 1510SP-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511T-1 PN, SIMATIC S7-1500 CPU 1511TF-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512SP F-1 PN, SIMATIC S7-1500 CPU 1512SP-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513R-1 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515R-2 PN, SIMATIC S7-1500 CPU 1515T-2 PN, SIMATIC S7-1500 CPU 1515TF-2 PN, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516T-3 PN/DP, SIMATIC S7-1500 CPU 1516TF-3 PN/DP, SIMATIC S7-1500 CPU 1517-3 PN/DP, SIMATIC S7-1500 CPU 1517F-3 PN/DP, SIMATIC S7-1500 CPU 1517H-3 PN, SIMATIC S7-1500 CPU 1517T-3 PN/DP, SIMATIC S7-1500 CPU 1517TF-3 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518-4F PN/DP, SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518HF-4 PN, SIMATIC S7-1500 CPU 1518T-4 PN/DP, SIMATIC S7-1500 CPU 1518TF-4 PN/DP, SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK, SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN, SIMATIC S7-1500 Software Controller, SIMATIC S7-PLCSIM Advanced, SIPLUS ET 200SP CPU 1510SP F-1 PN, SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN RAIL, SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL, SIPLUS S7-1500 CPU 1515R-2 PN, SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1517H-3 PN, SIPLUS S7-1500 CPU 1518-4 PN/DP, SIPLUS S7-1500 CPU 1518-4 PN/DP MFP, SIPLUS S7-1500 CPU 1518F-4 PN/DP, SIPLUS S7-1500 CPU 1518HF-4 PN, SIPLUS TIM 1531 IRC, TIM 1531 IRC. Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1284: Improper Validation of Specified Quantity in Input",
"cweId": "CWE-1284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,7 +40,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1"
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
@ -29,7 +51,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -39,17 +62,448 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.6.0"
"version_value": "All versions < V4.6.0",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"product_name": "SIMATIC S7-1500 CPU 1510SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1"
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1510SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511C-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511T-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511TF-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1512C-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1512SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1512SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1513-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1513F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1513R-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515R-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515T-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515TF-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517H-3 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518-4F PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518HF-4 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518T-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -59,7 +513,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -69,7 +524,327 @@
"version": {
"version_data": [
{
"version_value": "All versions < V5.0"
"version_value": "All versions < V5.0",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1513-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1513F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515F-2 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515R-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1517H-3 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518F-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518HF-4 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
@ -79,7 +854,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -89,7 +865,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -100,33 +877,23 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1284: Improper Validation of Specified Quantity in Input"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.6.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.0.1), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V5.0), SIPLUS TIM 1531 IRC (All versions), TIM 1531 IRC (All versions). Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
}
]
}
}

839
2021/44xxx/CVE-2021-44694.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-44694",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-44694",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC Drive Controller family, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU 1510SP F-1 PN, SIMATIC S7-1500 CPU 1510SP-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511T-1 PN, SIMATIC S7-1500 CPU 1511TF-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512SP F-1 PN, SIMATIC S7-1500 CPU 1512SP-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513R-1 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515R-2 PN, SIMATIC S7-1500 CPU 1515T-2 PN, SIMATIC S7-1500 CPU 1515TF-2 PN, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516T-3 PN/DP, SIMATIC S7-1500 CPU 1516TF-3 PN/DP, SIMATIC S7-1500 CPU 1517-3 PN/DP, SIMATIC S7-1500 CPU 1517F-3 PN/DP, SIMATIC S7-1500 CPU 1517H-3 PN, SIMATIC S7-1500 CPU 1517T-3 PN/DP, SIMATIC S7-1500 CPU 1517TF-3 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518-4F PN/DP, SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518HF-4 PN, SIMATIC S7-1500 CPU 1518T-4 PN/DP, SIMATIC S7-1500 CPU 1518TF-4 PN/DP, SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK, SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN, SIMATIC S7-1500 Software Controller, SIMATIC S7-PLCSIM Advanced, SIPLUS ET 200SP CPU 1510SP F-1 PN, SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN RAIL, SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL, SIPLUS S7-1500 CPU 1515R-2 PN, SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1517H-3 PN, SIPLUS S7-1500 CPU 1518-4 PN/DP, SIPLUS S7-1500 CPU 1518-4 PN/DP MFP, SIPLUS S7-1500 CPU 1518F-4 PN/DP, SIPLUS S7-1500 CPU 1518HF-4 PN, SIPLUS TIM 1531 IRC, TIM 1531 IRC. Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1287: Improper Validation of Specified Type of Input",
"cweId": "CWE-1287"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,7 +40,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1"
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
@ -29,7 +51,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -39,17 +62,448 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.6.0"
"version_value": "All versions < V4.6.0",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"product_name": "SIMATIC S7-1500 CPU 1510SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1"
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1510SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511C-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511T-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511TF-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1512C-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1512SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1512SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1513-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1513F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1513R-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515R-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515T-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515TF-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517H-3 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518-4F PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518HF-4 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518T-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -59,7 +513,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -69,7 +524,327 @@
"version": {
"version_data": [
{
"version_value": "All versions < V5.0"
"version_value": "All versions < V5.0",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1513-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1513F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515F-2 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515R-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1517H-3 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518F-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518HF-4 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
@ -79,7 +854,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -89,7 +865,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -100,33 +877,23 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1287: Improper Validation of Specified Type of Input"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.6.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.0.1), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V5.0), SIPLUS TIM 1531 IRC (All versions), TIM 1531 IRC (All versions). Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
}
]
}
}

839
2021/44xxx/CVE-2021-44695.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-44695",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-44695",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC Drive Controller family, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC S7-1200 CPU family (incl. SIPLUS variants), SIMATIC S7-1500 CPU 1510SP F-1 PN, SIMATIC S7-1500 CPU 1510SP-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511C-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511F-1 PN, SIMATIC S7-1500 CPU 1511T-1 PN, SIMATIC S7-1500 CPU 1511TF-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512C-1 PN, SIMATIC S7-1500 CPU 1512SP F-1 PN, SIMATIC S7-1500 CPU 1512SP-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513F-1 PN, SIMATIC S7-1500 CPU 1513R-1 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515F-2 PN, SIMATIC S7-1500 CPU 1515R-2 PN, SIMATIC S7-1500 CPU 1515T-2 PN, SIMATIC S7-1500 CPU 1515TF-2 PN, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516F-3 PN/DP, SIMATIC S7-1500 CPU 1516T-3 PN/DP, SIMATIC S7-1500 CPU 1516TF-3 PN/DP, SIMATIC S7-1500 CPU 1517-3 PN/DP, SIMATIC S7-1500 CPU 1517F-3 PN/DP, SIMATIC S7-1500 CPU 1517H-3 PN, SIMATIC S7-1500 CPU 1517T-3 PN/DP, SIMATIC S7-1500 CPU 1517TF-3 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP, SIMATIC S7-1500 CPU 1518-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518-4F PN/DP, SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP, SIMATIC S7-1500 CPU 1518HF-4 PN, SIMATIC S7-1500 CPU 1518T-4 PN/DP, SIMATIC S7-1500 CPU 1518TF-4 PN/DP, SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK, SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK, SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN, SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN, SIMATIC S7-1500 Software Controller, SIMATIC S7-PLCSIM Advanced, SIPLUS ET 200SP CPU 1510SP F-1 PN, SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1510SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS ET 200SP CPU 1512SP-1 PN RAIL, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511-1 PN TX RAIL, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1511F-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1513F-1 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN, SIPLUS S7-1500 CPU 1515F-2 PN RAIL, SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL, SIPLUS S7-1500 CPU 1515R-2 PN, SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP, SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL, SIPLUS S7-1500 CPU 1517H-3 PN, SIPLUS S7-1500 CPU 1518-4 PN/DP, SIPLUS S7-1500 CPU 1518-4 PN/DP MFP, SIPLUS S7-1500 CPU 1518F-4 PN/DP, SIPLUS S7-1500 CPU 1518HF-4 PN, SIPLUS TIM 1531 IRC, TIM 1531 IRC. Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
"cweId": "CWE-1286"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,7 +40,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1"
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
@ -29,7 +51,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -39,17 +62,448 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.6.0"
"version_value": "All versions < V4.6.0",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"product_name": "SIMATIC S7-1500 CPU 1510SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1"
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1510SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511C-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511T-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511TF-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1512C-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1512SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1512SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1513-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1513F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1513R-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515R-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515T-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515TF-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517H-3 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518-4F PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518HF-4 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518T-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -59,7 +513,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -69,7 +524,327 @@
"version": {
"version_data": [
{
"version_value": "All versions < V5.0"
"version_value": "All versions < V5.0",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1513-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1513F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515F-2 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515R-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1517H-3 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518F-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518HF-4 PN",
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
@ -79,7 +854,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -89,7 +865,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -100,33 +877,23 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1286: Improper Validation of Syntactic Correctness of Input"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.6.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.0.1), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V5.0), SIPLUS TIM 1531 IRC (All versions), TIM 1531 IRC (All versions). Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial-of-service in the device."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-382653.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
}
]
}
}

398
2022/25xxx/CVE-2022-25622.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-25622",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-25622",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC CFU DIQ (All versions), SIMATIC CFU PA (All versions), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.19), SIMATIC ET200AL IM157-1 PN (All versions), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 MF HF (All versions), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC PN/MF Coupler (All versions), SIMATIC PN/PN Coupler (All versions >= 4.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.0.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.19), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.19), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.10), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) (All versions < V10.1.1), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions < V8.2.3), SIMATIC TDC CP51M1 (All versions < V1.1.10), SIMATIC TDC CPU555 (All versions < V1.2.1), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinAC RTX F 2010 (All versions), SINAMICS DCM (All versions with Ethernet interface), SINAMICS G110M (All versions with Ethernet interface), SINAMICS G115D (All versions with Ethernet interface), SINAMICS G120 (incl. SIPLUS variants) (All versions with Ethernet interface), SINAMICS G130 (All versions), SINAMICS G150 (All versions), SINAMICS S110 (All versions with Ethernet interface), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF13), SINAMICS S150 (All versions), SINAMICS S210 (All versions), SINAMICS V90 (All versions with Ethernet interface), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.19), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.19), SIPLUS HCS4200 CIM4210 (All versions), SIPLUS HCS4200 CIM4210C (All versions), SIPLUS HCS4300 CIM4310 (All versions), SIPLUS NET PN/PN Coupler (All versions >= 4.2), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.19), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.19). The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption",
"cweId": "CWE-400"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,7 +40,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -29,27 +51,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC ET 200S IM151-8 PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIMATIC ET 200S IM151-8F PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -59,7 +62,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -69,7 +73,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -79,7 +84,30 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET 200S IM151-8 PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET 200S IM151-8F PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -89,67 +117,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions >= V4.2"
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 MF HF",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions >= V4.2"
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions >= V4.2"
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions >= V4.2"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -159,7 +128,8 @@
"version": {
"version_data": [
{
"version_value": "All versions >= V5.1.1"
"version_value": "All versions >= V5.1.1",
"version_affected": "="
}
]
}
@ -169,7 +139,8 @@
"version": {
"version_data": [
{
"version_value": "All versions >= V5.1.1"
"version_value": "All versions >= V5.1.1",
"version_affected": "="
}
]
}
@ -179,7 +150,8 @@
"version": {
"version_data": [
{
"version_value": "All versions >= V5.1.1"
"version_value": "All versions >= V5.1.1",
"version_affected": "="
}
]
}
@ -189,7 +161,8 @@
"version": {
"version_data": [
{
"version_value": "All versions >= V5.1.1"
"version_value": "All versions >= V5.1.1",
"version_affected": "="
}
]
}
@ -199,7 +172,8 @@
"version": {
"version_data": [
{
"version_value": "All versions >= V5.1.1"
"version_value": "All versions >= V5.1.1",
"version_affected": "="
}
]
}
@ -209,7 +183,74 @@
"version": {
"version_data": [
{
"version_value": "All versions >= V5.1.1"
"version_value": "All versions >= V5.1.1",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions >= V4.2",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 MF HF",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions >= V4.2",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions >= V4.2",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions >= V4.2",
"version_affected": "="
}
]
}
@ -219,7 +260,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -229,7 +271,8 @@
"version": {
"version_data": [
{
"version_value": "All versions >= 4.2"
"version_value": "All versions >= 4.2",
"version_affected": "="
}
]
}
@ -239,7 +282,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V2.0.0"
"version_value": "All versions < V2.0.0",
"version_affected": "="
}
]
}
@ -249,7 +293,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.3.19"
"version_value": "All versions < V3.3.19",
"version_affected": "="
}
]
}
@ -259,7 +304,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -269,7 +315,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -279,7 +326,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -289,7 +337,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -299,7 +348,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -309,7 +359,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -319,7 +370,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -329,7 +381,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -339,7 +392,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -349,7 +403,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V6.0.10"
"version_value": "All versions < V6.0.10",
"version_affected": "="
}
]
}
@ -359,7 +414,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -369,7 +425,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V10.1.1"
"version_value": "All versions < V10.1.1",
"version_affected": "="
}
]
}
@ -379,7 +436,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V8.2.3"
"version_value": "All versions < V8.2.3",
"version_affected": "="
}
]
}
@ -389,7 +447,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V1.1.10"
"version_value": "All versions < V1.1.10",
"version_affected": "="
}
]
}
@ -399,7 +458,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V1.2.1"
"version_value": "All versions < V1.2.1",
"version_affected": "="
}
]
}
@ -409,7 +469,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -419,7 +480,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -429,7 +491,8 @@
"version": {
"version_data": [
{
"version_value": "All versions with Ethernet interface"
"version_value": "All versions with Ethernet interface",
"version_affected": "="
}
]
}
@ -439,7 +502,8 @@
"version": {
"version_data": [
{
"version_value": "All versions with Ethernet interface"
"version_value": "All versions with Ethernet interface",
"version_affected": "="
}
]
}
@ -449,7 +513,8 @@
"version": {
"version_data": [
{
"version_value": "All versions with Ethernet interface"
"version_value": "All versions with Ethernet interface",
"version_affected": "="
}
]
}
@ -459,7 +524,8 @@
"version": {
"version_data": [
{
"version_value": "All versions with Ethernet interface"
"version_value": "All versions with Ethernet interface",
"version_affected": "="
}
]
}
@ -469,7 +535,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -479,7 +546,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -489,7 +557,8 @@
"version": {
"version_data": [
{
"version_value": "All versions with Ethernet interface"
"version_value": "All versions with Ethernet interface",
"version_affected": "="
}
]
}
@ -499,7 +568,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions < V5.2 SP3 HF13",
"version_affected": "="
}
]
}
@ -509,7 +579,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -519,7 +590,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -529,7 +601,8 @@
"version": {
"version_data": [
{
"version_value": "All versions with Ethernet interface"
"version_value": "All versions with Ethernet interface",
"version_affected": "="
}
]
}
@ -539,7 +612,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -549,7 +623,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -559,7 +634,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -569,7 +645,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -579,7 +656,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -589,7 +667,8 @@
"version": {
"version_data": [
{
"version_value": "All versions >= 4.2"
"version_value": "All versions >= 4.2",
"version_affected": "="
}
]
}
@ -599,7 +678,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.3.19"
"version_value": "All versions < V3.3.19",
"version_affected": "="
}
]
}
@ -609,7 +689,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -619,7 +700,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -629,7 +711,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -639,7 +722,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -650,33 +734,23 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC CFU DIQ (All versions), SIMATIC CFU PA (All versions), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.19), SIMATIC ET200AL IM157-1 PN (All versions), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 MF HF (All versions), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC PN/MF Coupler (All versions), SIMATIC PN/PN Coupler (All versions >= 4.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.0.0), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.19), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.19), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.10), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) (All versions < V10.1.1), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions < V8.2.3), SIMATIC TDC CP51M1 (All versions < V1.1.10), SIMATIC TDC CPU555 (All versions < V1.2.1), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinAC RTX F 2010 (All versions), SINAMICS DCM (All versions with Ethernet interface), SINAMICS G110M (All versions with Ethernet interface), SINAMICS G115D (All versions with Ethernet interface), SINAMICS G120 (incl. SIPLUS variants) (All versions with Ethernet interface), SINAMICS G130 (All versions), SINAMICS G150 (All versions), SINAMICS S110 (All versions with Ethernet interface), SINAMICS S120 (incl. SIPLUS variants) (All versions), SINAMICS S150 (All versions), SINAMICS S210 (All versions), SINAMICS V90 (All versions with Ethernet interface), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.19), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.19), SIPLUS HCS4200 CIM4210 (All versions), SIPLUS HCS4200 CIM4210C (All versions), SIPLUS HCS4300 CIM4310 (All versions), SIPLUS NET PN/PN Coupler (All versions >= 4.2), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.19), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.19). The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-446448.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-446448.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
]
}
}

197
2022/30xxx/CVE-2022-30694.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-30694",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-30694",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.19), SIMATIC PC Station (All versions >= V2.1), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.6.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.0.1), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.19), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.19), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V5.0), SIMATIC WinCC Runtime Advanced (All versions), SINUMERIK ONE (All versions), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.19), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.19), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.19), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.19). The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)",
"cweId": "CWE-352"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,27 +40,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1"
}
]
}
},
{
"product_name": "SIMATIC ET 200S IM151-8 PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
}
]
}
},
{
"product_name": "SIMATIC ET 200S IM151-8F PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
@ -49,7 +51,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -59,7 +62,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -69,7 +73,30 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET 200S IM151-8 PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC ET 200S IM151-8F PN/DP CPU",
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -79,7 +106,8 @@
"version": {
"version_data": [
{
"version_value": "All versions >= V2.1"
"version_value": "All versions >= V2.1",
"version_affected": "="
}
]
}
@ -89,7 +117,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V4.6.0"
"version_value": "All versions < V4.6.0",
"version_affected": "="
}
]
}
@ -99,7 +128,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.0.1"
"version_value": "All versions < V3.0.1",
"version_affected": "="
}
]
}
@ -109,7 +139,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -119,7 +150,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.3.19"
"version_value": "All versions < V3.3.19",
"version_affected": "="
}
]
}
@ -129,7 +161,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -139,7 +172,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -149,7 +183,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -159,7 +194,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -169,7 +205,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -179,7 +216,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -189,7 +227,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -199,7 +238,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -209,7 +249,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -219,7 +260,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -229,7 +271,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -239,7 +282,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V5.0"
"version_value": "All versions < V5.0",
"version_affected": "="
}
]
}
@ -249,7 +293,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -259,7 +304,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions",
"version_affected": "="
}
]
}
@ -269,7 +315,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -279,7 +326,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -289,7 +337,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.3.19"
"version_value": "All versions < V3.3.19",
"version_affected": "="
}
]
}
@ -299,7 +348,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -309,7 +359,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -319,7 +370,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -329,7 +381,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.2.19"
"version_value": "All versions < V3.2.19",
"version_affected": "="
}
]
}
@ -340,33 +393,23 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1), SIMATIC ET 200S IM151-8 PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200S IM151-8F PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200pro IM154-8 PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200pro IM154-8F PN/DP CPU (All versions < V3.2.19), SIMATIC ET 200pro IM154-8FX PN/DP CPU (All versions < V3.2.19), SIMATIC PC Station (All versions >= V2.1), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.6.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.0.1), SIMATIC S7-1500 Software Controller (All versions), SIMATIC S7-300 CPU 314C-2 PN/DP (All versions < V3.3.19), SIMATIC S7-300 CPU 315-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 315F-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 315T-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317F-2 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317T-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 317TF-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 319-3 PN/DP (All versions < V3.2.19), SIMATIC S7-300 CPU 319F-3 PN/DP (All versions < V3.2.19), SIMATIC S7-400 PN/DP V6 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V5.0), SIMATIC WinCC Runtime Advanced (All versions), SINUMERIK ONE (All versions), SIPLUS ET 200S IM151-8 PN/DP CPU (All versions < V3.2.19), SIPLUS ET 200S IM151-8F PN/DP CPU (All versions < V3.2.19), SIPLUS S7-300 CPU 314C-2 PN/DP (All versions < V3.3.19), SIPLUS S7-300 CPU 315-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 315F-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 317-2 PN/DP (All versions < V3.2.19), SIPLUS S7-300 CPU 317F-2 PN/DP (All versions < V3.2.19). The login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-478960.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-478960.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
}
]
}
}

930
2022/31xxx/CVE-2022-31765.json
View File

File diff suppressed because it is too large Load Diff

195
2022/31xxx/CVE-2022-31766.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-31766",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-31766",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.1.2), SCALANCE M804PB (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.1.2), SCALANCE M874-2 (All versions < V7.1.2), SCALANCE M874-3 (All versions < V7.1.2), SCALANCE M876-3 (EVDO) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (All versions < V7.1.2), SCALANCE M876-4 (EU) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (All versions < V7.1.2), SCALANCE S615 (All versions < V7.1.2), SCALANCE WAM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 (US) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WAM766-1 EEC (US) (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM763-1 (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (EU) (All versions >= V1.1.0 < V2.0), SCALANCE WUM766-1 (US) (All versions >= V1.1.0 < V2.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service condition and reboot the device thus possibly affecting other network resources."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,7 +40,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -29,7 +51,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -39,7 +62,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -49,7 +73,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -59,7 +84,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -69,7 +95,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -79,7 +106,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -89,7 +117,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -99,7 +128,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -109,7 +139,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -119,7 +150,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -129,7 +161,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -139,7 +172,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -149,7 +183,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -159,7 +194,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -169,7 +205,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -179,7 +216,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -189,7 +227,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V7.1.2"
"version_value": "All versions < V7.1.2",
"version_affected": "="
}
]
}
@ -199,67 +238,52 @@
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
"version_value": "All versions >= V1.1.0 < V2.0",
"version_affected": "="
}
]
}
},
{
"product_name": "SCALANCE WAM766-1",
"product_name": "SCALANCE WAM766-1 (EU)",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
"version_value": "All versions >= V1.1.0 < V2.0",
"version_affected": "="
}
]
}
},
{
"product_name": "SCALANCE WAM766-1",
"product_name": "SCALANCE WAM766-1 (US)",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
"version_value": "All versions >= V1.1.0 < V2.0",
"version_affected": "="
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 6GHz",
"product_name": "SCALANCE WAM766-1 EEC (EU)",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
"version_value": "All versions >= V1.1.0 < V2.0",
"version_affected": "="
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 EEC",
"product_name": "SCALANCE WAM766-1 EEC (US)",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 EEC",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
}
]
}
},
{
"product_name": "SCALANCE WAM766-1 EEC 6GHz",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
"version_value": "All versions >= V1.1.0 < V2.0",
"version_affected": "="
}
]
}
@ -269,47 +293,30 @@
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
"version_value": "All versions >= V1.1.0 < V2.0",
"version_affected": "="
}
]
}
},
{
"product_name": "SCALANCE WUM763-1",
"product_name": "SCALANCE WUM766-1 (EU)",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
"version_value": "All versions >= V1.1.0 < V2.0",
"version_affected": "="
}
]
}
},
{
"product_name": "SCALANCE WUM766-1",
"product_name": "SCALANCE WUM766-1 (US)",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
}
]
}
},
{
"product_name": "SCALANCE WUM766-1",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
}
]
}
},
{
"product_name": "SCALANCE WUM766-1 6GHz",
"version": {
"version_data": [
{
"version_value": "All versions >= V1.1.0"
"version_value": "All versions >= V1.1.0 < V2.0",
"version_affected": "="
}
]
}
@ -320,33 +327,23 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.1.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.1.2), SCALANCE M804PB (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.1.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.1.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.1.2), SCALANCE M874-2 (All versions < V7.1.2), SCALANCE M874-3 (All versions < V7.1.2), SCALANCE M876-3 (EVDO) (All versions < V7.1.2), SCALANCE M876-3 (ROK) (All versions < V7.1.2), SCALANCE M876-4 (EU) (All versions < V7.1.2), SCALANCE M876-4 (NAM) (All versions < V7.1.2), SCALANCE MUM853-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (EU) (All versions < V7.1.2), SCALANCE MUM856-1 (RoW) (All versions < V7.1.2), SCALANCE S615 (All versions < V7.1.2), SCALANCE WAM763-1 (All versions >= V1.1.0), SCALANCE WAM766-1 (All versions >= V1.1.0), SCALANCE WAM766-1 (All versions >= V1.1.0), SCALANCE WAM766-1 6GHz (All versions >= V1.1.0), SCALANCE WAM766-1 EEC (All versions >= V1.1.0), SCALANCE WAM766-1 EEC (All versions >= V1.1.0), SCALANCE WAM766-1 EEC 6GHz (All versions >= V1.1.0), SCALANCE WUM763-1 (All versions >= V1.1.0), SCALANCE WUM763-1 (All versions >= V1.1.0), SCALANCE WUM766-1 (All versions >= V1.1.0), SCALANCE WUM766-1 (All versions >= V1.1.0), SCALANCE WUM766-1 6GHz (All versions >= V1.1.0). Affected devices with TCP Event service enabled do not properly handle malformed packets. This could allow an unauthenticated remote attacker to cause a denial of service and reboot the device thus possibly affecting other network resources."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-697140.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C",
"baseScore": 8.6,
"baseSeverity": "HIGH"
}
]
}
}

980
2022/36xxx/CVE-2022-36323.json
View File

File diff suppressed because it is too large Load Diff

965
2022/36xxx/CVE-2022-36324.json
View File

File diff suppressed because it is too large Load Diff

980
2022/36xxx/CVE-2022-36325.json
View File

File diff suppressed because it is too large Load Diff

823
2022/38xxx/CVE-2022-38773.json
View File

@ -1,17 +1,832 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-38773",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Affected devices do not contain an Immutable Root of Trust in Hardware. With this the integrity of the code executed on the device can not be validated during load-time. An attacker with physical access to the device could use this to replace the boot image of the device and execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1326: Missing Immutable Root of Trust in Hardware",
"cweId": "CWE-1326"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SIMATIC Drive Controller CPU 1504D TF",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC Drive Controller CPU 1507D TF",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1510SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1510SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511C-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511T-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1511TF-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1512C-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1512SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1512SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1513-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1513F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1513R-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515R-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515T-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1515TF-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1516TF-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517H-3 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517T-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1517TF-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518-4F PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518HF-4 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518T-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU 1518TF-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU S7-1518-4 PN/DP ODK",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU S7-1518F-4 PN/DP ODK",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1513PRO-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIMATIC S7-1500 ET 200pro: CPU 1516PRO-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP F-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1510SP-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP F-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS ET 200SP CPU 1512SP-1 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511-1 PN T1 RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511-1 PN TX RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1511F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1513-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1513F-1 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515F-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515F-2 PN RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515F-2 PN T2 RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515R-2 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1515R-2 PN TX RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516-3 PN/DP RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516-3 PN/DP TX RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516F-3 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1516F-3 PN/DP RAIL",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1517H-3 PN",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "SIPLUS S7-1500 CPU 1518F-4 PN/DP",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-482757.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-482757.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:T/RC:C",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
}
]
}

75
2022/43xxx/CVE-2022-43513.json
View File

@ -1,17 +1,84 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43513",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Automation License Manager V5 (All versions), Automation License Manager V6 (All versions < V6.0 SP9 Upd4). The affected components allow to rename license files with user chosen input without authentication. This could allow an unauthenticated remote attacker to rename and move files as SYSTEM user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-73: External Control of File Name or Path",
"cweId": "CWE-73"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Automation License Manager V5",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "Automation License Manager V6",
"version": {
"version_data": [
{
"version_value": "All versions < V6.0 SP9 Upd4",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-476715.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-476715.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L/E:P/RL:O/RC:C",
"baseScore": 8.2,
"baseSeverity": "HIGH"
}
]
}

75
2022/43xxx/CVE-2022-43514.json
View File

@ -1,17 +1,84 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43514",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Automation License Manager V5 (All versions), Automation License Manager V6 (All versions < V6.0 SP9 Upd4). The affected component does not correctly validate the root path on folder related operations, allowing to modify files and folders outside the intended root directory. This could allow an unauthenticated remote attacker to execute file operations of files outside of the specified root folder. Chained with CVE-2022-43513 this could allow Remote Code Execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Automation License Manager V5",
"version": {
"version_data": [
{
"version_value": "All versions",
"version_affected": "="
}
]
}
},
{
"product_name": "Automation License Manager V6",
"version": {
"version_data": [
{
"version_value": "All versions < V6.0 SP9 Upd4",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-476715.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-476715.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L/E:P/RL:O/RC:C",
"baseScore": 7.7,
"baseSeverity": "HIGH"
}
]
}

77
2022/44xxx/CVE-2022-44731.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-44731",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-44731",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions < V3.15 P038), SIMATIC WinCC OA V3.16 (All versions < V3.16 P035), SIMATIC WinCC OA V3.17 (All versions < V3.17 P024), SIMATIC WinCC OA V3.18 (All versions < V3.18 P014). The affected component allows to inject custom arguments to the Ultralight Client backend application under certain circumstances. This could allow an authenticated remote attacker to inject arbitrary parameters when starting the client via the web interface (e.g., open attacker chosen panels with the attacker's credentials or start a Ctrl script)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')",
"cweId": "CWE-88"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,7 +40,8 @@
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions < V3.15 P038",
"version_affected": "="
}
]
}
@ -29,7 +51,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.16 P035"
"version_value": "All versions < V3.16 P035",
"version_affected": "="
}
]
}
@ -39,7 +62,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.17 P024"
"version_value": "All versions < V3.17 P024",
"version_affected": "="
}
]
}
@ -49,7 +73,8 @@
"version": {
"version_data": [
{
"version_value": "All versions < V3.18 P014"
"version_value": "All versions < V3.18 P014",
"version_affected": "="
}
]
}
@ -60,33 +85,23 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions), SIMATIC WinCC OA V3.16 (All versions < V3.16 P035), SIMATIC WinCC OA V3.17 (All versions < V3.17 P024), SIMATIC WinCC OA V3.18 (All versions < V3.18 P014). The affected component allows to inject custom arguments to the Ultralight Client backend application under certain circumstances. This could allow an authenticated remote attacker to inject arbitrary parameters when starting the client via the web interface (e.g., open attacker chosen panels with the attacker's credentials or start a Ctrl script)."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-547714.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-547714.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
}
]
}
}

64
2022/45xxx/CVE-2022-45092.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-45092",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product, could potentially read and write arbitrary files from and to the device's file system. An attacker might leverage this to trigger remote code execution on the affected component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SINEC INS",
"version": {
"version_data": [
{
"version_value": "All versions < V1.0 SP2 Update 1",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
}
]
}

64
2022/45xxx/CVE-2022-45093.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-45093",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product as well as with access to the SFTP server of the affected product (22/tcp), could potentially read and write arbitrary files from and to the device's file system. An attacker might leverage this to trigger remote code execution on the affected component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SINEC INS",
"version": {
"version_data": [
{
"version_value": "All versions < V1.0 SP2 Update 1",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 8.5,
"baseSeverity": "HIGH"
}
]
}

64
2022/45xxx/CVE-2022-45094.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-45094",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product, could potentially inject commands into the dhcpd configuration of the affected product. An attacker might leverage this to trigger remote code execution on the affected component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')",
"cweId": "CWE-77"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SINEC INS",
"version": {
"version_data": [
{
"version_value": "All versions < V1.0 SP2 Update 1",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 8.4,
"baseSeverity": "HIGH"
}
]
}

90
2022/46xxx/CVE-2022-46664.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-46664",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-46664",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Mendix Workflow Commons (All versions < V2.4.0), Mendix Workflow Commons V2.1 (All versions < V2.1.4), Mendix Workflow Commons V2.3 (All versions < V2.3.2). Affected versions of the module improperly handle access control for some module entities. This could allow authenticated remote attackers to read or delete sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,7 +40,30 @@
"version": {
"version_data": [
{
"version_value": "All versions < V2.4.0"
"version_value": "All versions < V2.4.0",
"version_affected": "="
}
]
}
},
{
"product_name": "Mendix Workflow Commons V2.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2.1.4",
"version_affected": "="
}
]
}
},
{
"product_name": "Mendix Workflow Commons V2.3",
"version": {
"version_data": [
{
"version_value": "All versions < V2.3.2",
"version_affected": "="
}
]
}
@ -30,33 +74,23 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Mendix Workflow Commons (All versions < V2.4.0). Affected versions of the module improperly handle access control for some module entities. This could allow authenticated remote attackers to read or delete sensitive information."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-210822.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-210822.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C",
"baseScore": 8.1,
"baseSeverity": "HIGH"
}
]
}
}

86
2022/46xxx/CVE-2022-46823.json
View File

@ -1,17 +1,95 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-46823",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Mendix SAML (Mendix 8 compatible) (All versions >= V2.3.0 < V2.3.4), Mendix SAML (Mendix 9 compatible, New Track) (All versions >= V3.3.0 < V3.3.9), Mendix SAML (Mendix 9 compatible, Upgrade Track) (All versions >= V3.3.0 < V3.3.8). The affected module is vulnerable to reflected cross-site scripting (XSS) attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a malicious link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Mendix SAML (Mendix 8 compatible)",
"version": {
"version_data": [
{
"version_value": "All versions >= V2.3.0 < V2.3.4",
"version_affected": "="
}
]
}
},
{
"product_name": "Mendix SAML (Mendix 9 compatible, New Track)",
"version": {
"version_data": [
{
"version_value": "All versions >= V3.3.0 < V3.3.9",
"version_affected": "="
}
]
}
},
{
"product_name": "Mendix SAML (Mendix 9 compatible, Upgrade Track)",
"version": {
"version_data": [
{
"version_value": "All versions >= V3.3.0 < V3.3.8",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-496604.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-496604.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N/E:P/RL:O/RC:C",
"baseScore": 9.3,
"baseSeverity": "CRITICAL"
}
]
}

86
2022/47xxx/CVE-2022-47935.json
View File

@ -1,17 +1,95 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-47935",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a memory corruption vulnerability while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19078)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "JT Open",
"version": {
"version_data": [
{
"version_value": "All versions < V11.1.1.0",
"version_affected": "="
}
]
}
},
{
"product_name": "JT Utilities",
"version": {
"version_data": [
{
"version_value": "All versions < V13.1.1.0",
"version_affected": "="
}
]
}
},
{
"product_name": "Solid Edge",
"version": {
"version_data": [
{
"version_value": "All versions < V2023",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-936212.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-936212.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

64
2022/47xxx/CVE-2022-47967.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-47967",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Solid Edge (All versions < V2023 MP1). The DOCMGMT.DLL contains a memory corruption vulnerability that could be triggered while parsing files in different file formats such as PAR, ASM, DFT. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Solid Edge",
"version": {
"version_data": [
{
"version_value": "All versions < V2023 MP1",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-997779.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-997779.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

18
2023/0xxx/CVE-2023-0154.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0154",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/0xxx/CVE-2023-0155.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0155",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/22xxx/CVE-2023-22913.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22913",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/22xxx/CVE-2023-22914.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22914",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/22xxx/CVE-2023-22915.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22915",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/22xxx/CVE-2023-22916.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22916",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/22xxx/CVE-2023-22917.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22917",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/22xxx/CVE-2023-22918.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22918",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/22xxx/CVE-2023-22919.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22919",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/22xxx/CVE-2023-22920.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22920",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/22xxx/CVE-2023-22921.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22921",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/22xxx/CVE-2023-22922.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22922",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/22xxx/CVE-2023-22923.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22923",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/22xxx/CVE-2023-22924.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22924",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}