admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-05 18:28:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-12-14 22:02:00 +00:00
parent 47a04b4215
commit c768c383fb
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
52 changed files with 1148 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
2017/12xxx/CVE-2017-12734.json
View File

@ -46,7 +46,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V1.81.2). An attacker with network access to the integrated web server on port 80/tcp could obtain\nthe session ID of an active user session. A user must be logged in to the web interface.\nSiemens recommends to use the integrated webserver on port 80/tcp only in trusted\nnetworks.\n"
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V1.81.2). An attacker with network access to the integrated web server on port 80/tcp could obtain the session ID of an active user session. A user must be logged in to the web interface. Siemens recommends to use the integrated webserver on port 80/tcp only in trusted networks."
}
]
},
@ -58,9 +58,10 @@
"url": "http://www.securityfocus.com/bid/100560"
},
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-087240.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-087240.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-087240.pdf"
}
]
}
}
}

9
2017/12xxx/CVE-2017-12735.json
View File

@ -46,7 +46,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). An attacker who performs a Man-in-the-Middle attack between the LOGO! BM and other\ndevices could potentially decrypt and modify network traffic.\n"
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). An attacker who performs a Man-in-the-Middle attack between the LOGO! BM and other devices could potentially decrypt and modify network traffic."
}
]
},
@ -58,9 +58,10 @@
"url": "http://www.securityfocus.com/bid/100561"
},
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-087240.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-087240.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-087240.pdf"
}
]
}
}
}

22
2019/10xxx/CVE-2019-10919.json
View File

@ -46,17 +46,12 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Attackers with access to port 10005/tcp could perform device reconfigurations\nand obtain project files from the devices. The system manual recommends to\nprotect access to this port.\n\nThe security vulnerability could be exploited by an unauthenticated attacker\nwith network access to port 10005/tcp. No user interaction is required to\nexploit this security vulnerability. The vulnerability impacts confidentiality,\nintegrity, and availability of the device.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known.\n"
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Attackers with access to port 10005/tcp could perform device reconfigurations and obtain project files from the devices. The system manual recommends to protect access to this port. The security vulnerability could be exploited by an unauthenticated attacker with network access to port 10005/tcp. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf"
},
{
"refsource": "BID",
"name": "108382",
@ -67,15 +62,20 @@
"name": "20190529 [SYSS-2019-013]: Siemens LOGO! 8 - Missing Authentication for Critical Function (CWE-306)",
"url": "https://seclists.org/bugtraq/2019/May/73"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/153123/Siemens-LOGO-8-Missing-Authentication.html",
"url": "http://packetstormsecurity.com/files/153123/Siemens-LOGO-8-Missing-Authentication.html"
},
{
"refsource": "FULLDISC",
"name": "20190529 [SYSS-2019-013]: Siemens LOGO! 8 - Missing Authentication for Critical Function (CWE-306)",
"url": "http://seclists.org/fulldisclosure/2019/May/45"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/153123/Siemens-LOGO-8-Missing-Authentication.html",
"url": "http://packetstormsecurity.com/files/153123/Siemens-LOGO-8-Missing-Authentication.html"
}
]
}

22
2019/10xxx/CVE-2019-10920.json
View File

@ -46,17 +46,12 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Project data stored on the device, which is accessible via port 10005/tcp,\ncan be decrypted due to a hardcoded encryption key.\n\nThe security vulnerability could be exploited by an unauthenticated attacker\nwith network access to port 10005/tcp. No user interaction is required to\nexploit this security vulnerability. The vulnerability impacts confidentiality\nof the device.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known.\n"
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Project data stored on the device, which is accessible via port 10005/tcp, can be decrypted due to a hardcoded encryption key. The security vulnerability could be exploited by an unauthenticated attacker with network access to port 10005/tcp. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf"
},
{
"refsource": "BID",
"name": "108382",
@ -67,15 +62,20 @@
"name": "20190529 [SYSS-2019-012]: Siemens LOGO! 8 - Use of Hard-coded Cryptographic Key (CWE-321)",
"url": "https://seclists.org/bugtraq/2019/May/72"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/153122/Siemens-LOGO-8-Hard-Coded-Cryptographic-Key.html",
"url": "http://packetstormsecurity.com/files/153122/Siemens-LOGO-8-Hard-Coded-Cryptographic-Key.html"
},
{
"refsource": "FULLDISC",
"name": "20190529 [SYSS-2019-012]: Siemens LOGO! 8 - Use of Hard-coded Cryptographic Key (CWE-321)",
"url": "http://seclists.org/fulldisclosure/2019/May/44"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/153122/Siemens-LOGO-8-Hard-Coded-Cryptographic-Key.html",
"url": "http://packetstormsecurity.com/files/153122/Siemens-LOGO-8-Hard-Coded-Cryptographic-Key.html"
}
]
}

22
2019/10xxx/CVE-2019-10921.json
View File

@ -46,17 +46,12 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Unencrypted storage of passwords in the project could allow an attacker with\naccess to port 10005/tcp to obtain passwords of the device.\n\nThe security vulnerability could be exploited by an unauthenticated attacker\nwith network access to port 10005/tcp. No user interaction is required to\nexploit this security vulnerability. The vulnerability impacts confidentiality\nof the device.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known\n"
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Unencrypted storage of passwords in the project could allow an attacker with access to port 10005/tcp to obtain passwords of the device. The security vulnerability could be exploited by an unauthenticated attacker with network access to port 10005/tcp. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known"
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf"
},
{
"refsource": "BID",
"name": "108382",
@ -67,15 +62,20 @@
"name": "20190529 [SYSS-2019-014]: Siemens LOGO! 8 - Storing Passwords in a Recoverable Format (CWE-257)",
"url": "https://seclists.org/bugtraq/2019/May/74"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/153124/Siemens-LOGO-8-Recoverable-Password-Format.html",
"url": "http://packetstormsecurity.com/files/153124/Siemens-LOGO-8-Recoverable-Password-Format.html"
},
{
"refsource": "FULLDISC",
"name": "20190529 [SYSS-2019-014]: Siemens LOGO! 8 - Storing Passwords in a Recoverable Format (CWE-257)",
"url": "http://seclists.org/fulldisclosure/2019/May/49"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/153124/Siemens-LOGO-8-Recoverable-Password-Format.html",
"url": "http://packetstormsecurity.com/files/153124/Siemens-LOGO-8-Recoverable-Password-Format.html"
}
]
}

12
2019/10xxx/CVE-2019-10924.json
View File

@ -46,21 +46,21 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in LOGO! Soft Comfort (All versions < V8.3). The vulnerability could allow an attacker to execute arbitrary code if the\nattacker tricks a legitimate user to open a manipulated project.\n\nIn order to exploit the vulnerability, a valid user must open a manipulated\nproject file. No further privileges are required on the target system. The\nvulnerability could compromise the confidentiality, integrity and\navailability of the engineering station.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known.\n"
"value": "A vulnerability has been identified in LOGO! Soft Comfort (All versions < V8.3). The vulnerability could allow an attacker to execute arbitrary code if the attacker tricks a legitimate user to open a manipulated project. In order to exploit the vulnerability, a valid user must open a manipulated project file. No further privileges are required on the target system. The vulnerability could compromise the confidentiality, integrity and availability of the engineering station. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-102144.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-102144.pdf"
},
{
"refsource": "BID",
"name": "108368",
"url": "http://www.securityfocus.com/bid/108368"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-102144.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-102144.pdf"
}
]
}

2
2019/13xxx/CVE-2019-13946.json
View File

@ -486,7 +486,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All Versions < V4.5), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All Versions < V4.6), PROFINET Driver for Controller (All Versions < V2.1), RUGGEDCOM RM1224 (All versions < V4.3), SCALANCE M-800 / S615 (All versions < V4.3), SCALANCE W700 IEEE 802.11n (All versions <= V6.0.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All Versions < V5.3), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions), SCALANCE XB-200, XC-200, XP-200, XF-200BA and XR-300WG (All Versions < V3.0), SCALANCE XM-400 switch family (All Versions < V6.0), SCALANCE XR-500 switch family (All Versions < V6.0), SIMATIC ET200AL IM 157-1 PN (All versions), SIMATIC ET200M IM153-4 PN IO HF (incl. SIPLUS variants) (All versions), SIMATIC ET200M IM153-4 PN IO ST (incl. SIPLUS variants) (All versions), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All Versions < V4.2.0), SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants) (All Versions < V4.1.0), SIMATIC ET200S (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN Basic (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All Versions < V3.3.1), SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants) (All Versions < V4.1.0), SIMATIC ET200ecoPN (except 6ES7141-6BG00-0BB0, 6ES7141-6BH00-0BB0, 6ES7142-6BG00-0BB0, 6ES7142-6BR00-0BB0, 6ES7143-6BH00-0BB0, 6ES7146-6FF00-0AB0 and 6ES7148-6JD00-0AB0) (All versions), SIMATIC ET200ecoPN (except 6ES7141-6BG00-0BB0, 6ES7141-6BH00-0BB0, 6ES7142-6BG00-0BB0, 6ES7142-6BR00-0BB0, 6S7143-6BH00-0BB0, 6ES7146-6FF00-0AB0, 6ES7148-6JD00-0AB0 and 6ES7148-6JG00-0BB0) (All versions), SIMATIC ET200pro, IM 154-3 PN HF (All versions), SIMATIC ET200pro, IM 154-4 PN HF (All versions), SIMATIC IPC Support, Package for VxWorks (All versions), SIMATIC MV400 family (All versions), SIMATIC NET CP 1616 and CP 1604 (All Versions < V2.8), SIMATIC NET CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 ERPC (All versions), SIMATIC NET CP 343-1 LEAN (incl. SIPLUS variants) (All versions), SIMATIC NET CP 443-1 (incl. SIPLUS variants) (All versions), SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC NET CP 443-1 OPC UA (All versions), SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (incl. SIPLUS NET variant) (All Versions), SIMATIC RF180C (All versions), SIMATIC RF182C (All versions), SIMATIC RF600 family (All versions < V3), SIMOTION C (All versions < V4.5), SIMOTION D (incl. SIPLUS variants) (All versions < V4.5), SIMOTION P (All versions < V4.5), SINAMICS DCP (All Versions < V1.3), SOFTNET-IE PNIO (All versions). Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit\ninternal resource allocation when multiple legitimate diagnostic package\nrequests are sent to the DCE-RPC interface.\nThis could lead to a denial of service condition due to lack of memory\nfor devices that include a vulnerable version of the stack.\n\nThe security vulnerability could be exploited by an attacker with network\naccess to an affected device. Successful exploitation requires no system\nprivileges and no user interaction. An attacker could use the vulnerability\nto compromise the availability of the device.\n"
"value": "A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All Versions < V4.5), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All Versions < V4.6), PROFINET Driver for Controller (All Versions < V2.1), RUGGEDCOM RM1224 (All versions < V4.3), SCALANCE M-800 / S615 (All versions < V4.3), SCALANCE W700 IEEE 802.11n (All versions <= V6.0.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All Versions < V5.3), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions), SCALANCE XB-200, XC-200, XP-200, XF-200BA and XR-300WG (All Versions < V3.0), SCALANCE XM-400 switch family (All Versions < V6.0), SCALANCE XR-500 switch family (All Versions < V6.0), SIMATIC ET200AL IM 157-1 PN (All versions), SIMATIC ET200M IM153-4 PN IO HF (incl. SIPLUS variants) (All versions), SIMATIC ET200M IM153-4 PN IO ST (incl. SIPLUS variants) (All versions), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All Versions < V4.2.0), SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants) (All Versions < V4.1.0), SIMATIC ET200S (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN Basic (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All Versions < V3.3.1), SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants) (All Versions < V4.1.0), SIMATIC ET200ecoPN (except 6ES7141-6BG00-0BB0, 6ES7141-6BH00-0BB0, 6ES7142-6BG00-0BB0, 6ES7142-6BR00-0BB0, 6ES7143-6BH00-0BB0, 6ES7146-6FF00-0AB0 and 6ES7148-6JD00-0AB0) (All versions), SIMATIC ET200ecoPN (except 6ES7141-6BG00-0BB0, 6ES7141-6BH00-0BB0, 6ES7142-6BG00-0BB0, 6ES7142-6BR00-0BB0, 6S7143-6BH00-0BB0, 6ES7146-6FF00-0AB0, 6ES7148-6JD00-0AB0 and 6ES7148-6JG00-0BB0) (All versions), SIMATIC ET200pro, IM 154-3 PN HF (All versions), SIMATIC ET200pro, IM 154-4 PN HF (All versions), SIMATIC IPC Support, Package for VxWorks (All versions), SIMATIC MV400 family (All versions), SIMATIC NET CP 1616 and CP 1604 (All Versions < V2.8), SIMATIC NET CP 343-1 (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC NET CP 343-1 ERPC (All versions), SIMATIC NET CP 343-1 LEAN (incl. SIPLUS variants) (All versions), SIMATIC NET CP 443-1 (incl. SIPLUS variants) (All versions), SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants) (All versions), SIMATIC NET CP 443-1 OPC UA (All versions), SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (incl. SIPLUS NET variant) (All Versions), SIMATIC RF180C (All versions), SIMATIC RF182C (All versions), SIMATIC RF600 family (All versions < V3), SIMOTION C (All versions < V4.5), SIMOTION D (incl. SIPLUS variants) (All versions < V4.5), SIMOTION P (All versions < V4.5), SINAMICS DCP (All Versions < V1.3), SOFTNET-IE PNIO (All versions). Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device."
}
]
},

7
2019/19xxx/CVE-2019-19283.json
View File

@ -46,15 +46,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in XHQ (All Versions < 6.1). The application's web server could expose non-sensitive information\nabout the server's architecture. This could allow an attacker to\nadapt further attacks to the version in place.\n"
"value": "A vulnerability has been identified in XHQ (All Versions < 6.1). The application's web server could expose non-sensitive information about the server's architecture. This could allow an attacker to adapt further attacks to the version in place."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf"
}
]
}

7
2019/19xxx/CVE-2019-19284.json
View File

@ -46,15 +46,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow Cross-Site Scripting (XSS) attacks if an\nattacker is able to modify content of particular web pages, causing the\napplication to behave in unexpected ways for legitimate users.\n"
"value": "A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify content of particular web pages, causing the application to behave in unexpected ways for legitimate users."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf"
}
]
}

7
2019/19xxx/CVE-2019-19285.json
View File

@ -46,15 +46,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow injections that could lead to XSS\nattacks if unsuspecting users are tricked into accessing a malicious\nlink.\n"
"value": "A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow injections that could lead to XSS attacks if unsuspecting users are tricked into accessing a malicious link."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf"
}
]
}

7
2019/19xxx/CVE-2019-19286.json
View File

@ -46,15 +46,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow SQL injection attacks if an\nattacker is able to modify content of particular web pages.\n"
"value": "A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow SQL injection attacks if an attacker is able to modify content of particular web pages."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf"
}
]
}

7
2019/19xxx/CVE-2019-19287.json
View File

@ -46,15 +46,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow attackers to traverse through the\nfile system of the server based by sending specially crafted\npackets over the network without authentication.\n"
"value": "A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow attackers to traverse through the file system of the server based by sending specially crafted packets over the network without authentication."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf"
}
]
}

7
2019/19xxx/CVE-2019-19288.json
View File

@ -46,15 +46,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow Cross-Site Scripting (XSS) attacks if\nunsuspecting users are tricked into accessing a malicious link.\n"
"value": "A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf"
}
]
}

7
2019/19xxx/CVE-2019-19289.json
View File

@ -46,15 +46,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow a Cross-Site Request Forgery (CSRF) attack\nif an unsuspecting user is tricked into accessing a malicious link.\n"
"value": "A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-712690.pdf"
}
]
}

2
2019/6xxx/CVE-2019-6568.json
View File

@ -746,7 +746,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in RFID 181EIP, SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC HMI Comfort Outdoor Panels 7\" & 15\" (incl. SIPLUS variants), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F, SIMATIC IPC DiagMonitor, SIMATIC NET CP 1616 and CP 1604, SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants), SIMATIC NET CP 443-1 (incl. SIPLUS variants), SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants), SIMATIC NET CP 443-1 OPC UA, SIMATIC RF182C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF188C, SIMATIC RF600 family, SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants), SIMATIC S7-PLCSIM Advanced, SIMATIC Teleservice Adapter IE Advanced, SIMATIC Teleservice Adapter IE Basic, SIMATIC Teleservice Adapter IE Standard, SIMATIC WinAC RTX (F) 2010, SIMATIC WinCC Runtime Advanced, SIMOCODE pro V EIP (incl. SIPLUS variants), SIMOCODE pro V PN (incl. SIPLUS variants), SINAMICS G130 V4.6 Control Unit, SINAMICS G130 V4.7 Control Unit, SINAMICS G130 V4.7 SP1 Control Unit, SINAMICS G130 V4.8 Control Unit, SINAMICS G130 V5.1 Control Unit, SINAMICS G130 V5.1 SP1 Control Unit, SINAMICS G150 V4.6 Control Unit, SINAMICS G150 V4.7 Control Unit, SINAMICS G150 V4.7 SP1 Control Unit, SINAMICS G150 V4.8 Control Unit, SINAMICS G150 V5.1 Control Unit, SINAMICS G150 V5.1 SP1 Control Unit, SINAMICS GH150 V4.7 (Control Unit), SINAMICS GH150 V4.8 (Control Unit), SINAMICS GL150 V4.7 (Control Unit), SINAMICS GL150 V4.8 (Control Unit), SINAMICS GM150 V4.7 (Control Unit), SINAMICS GM150 V4.8 (Control Unit), SINAMICS S120 V4.6 Control Unit (incl. SIPLUS variants), SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants), SINAMICS S120 V4.7 SP1 Control Unit (incl. SIPLUS variants), SINAMICS S120 V4.8 Control Unit (incl. SIPLUS variants), SINAMICS S120 V5.1 Control Unit (incl. SIPLUS variants), SINAMICS S120 V5.1 SP1 Control Unit (incl. SIPLUS variants), SINAMICS S150 V4.6 Control Unit, SINAMICS S150 V4.7 Control Unit, SINAMICS S150 V4.7 SP1 Control Unit, SINAMICS S150 V4.8 Control Unit, SINAMICS S150 V5.1 Control Unit, SINAMICS S150 V5.1 SP1 Control Unit, SINAMICS S210 V5.1 Control Unit, SINAMICS S210 V5.1 SP1 Control Unit, SINAMICS SL150 V4.7 (Control Unit), SINAMICS SL150 V4.8 (Control Unit), SINAMICS SM120 V4.7 (Control Unit), SINAMICS SM120 V4.8 (Control Unit), SINAMICS SM150 V4.8 (Control Unit), SITOP Manager, SITOP PSU8600, SITOP UPS1600 (incl. SIPLUS variants), TIM 1531 IRC (incl. SIPLUS NET variants). The webserver of the affected devices contains a vulnerability that may lead to\na denial-of-service condition. An attacker may cause a denial-of-service\nsituation which leads to a restart of the webserver of the affected device.\n\nThe security vulnerability could be exploited by an attacker with network\naccess to the affected systems. Successful exploitation requires no system\nprivileges and no user interaction. An attacker could use the vulnerability\nto compromise availability of the device.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known.\n"
"value": "A vulnerability has been identified in RFID 181EIP, SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants), SIMATIC HMI Comfort Outdoor Panels 7\" & 15\" (incl. SIPLUS variants), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F, SIMATIC IPC DiagMonitor, SIMATIC NET CP 1616 and CP 1604, SIMATIC NET CP 343-1 Advanced (incl. SIPLUS variants), SIMATIC NET CP 443-1 (incl. SIPLUS variants), SIMATIC NET CP 443-1 Advanced (incl. SIPLUS variants), SIMATIC NET CP 443-1 OPC UA, SIMATIC RF182C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF188C, SIMATIC RF600 family, SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants), SIMATIC S7-PLCSIM Advanced, SIMATIC Teleservice Adapter IE Advanced, SIMATIC Teleservice Adapter IE Basic, SIMATIC Teleservice Adapter IE Standard, SIMATIC WinAC RTX (F) 2010, SIMATIC WinCC Runtime Advanced, SIMOCODE pro V EIP (incl. SIPLUS variants), SIMOCODE pro V PN (incl. SIPLUS variants), SINAMICS G130 V4.6 Control Unit, SINAMICS G130 V4.7 Control Unit, SINAMICS G130 V4.7 SP1 Control Unit, SINAMICS G130 V4.8 Control Unit, SINAMICS G130 V5.1 Control Unit, SINAMICS G130 V5.1 SP1 Control Unit, SINAMICS G150 V4.6 Control Unit, SINAMICS G150 V4.7 Control Unit, SINAMICS G150 V4.7 SP1 Control Unit, SINAMICS G150 V4.8 Control Unit, SINAMICS G150 V5.1 Control Unit, SINAMICS G150 V5.1 SP1 Control Unit, SINAMICS GH150 V4.7 (Control Unit), SINAMICS GH150 V4.8 (Control Unit), SINAMICS GL150 V4.7 (Control Unit), SINAMICS GL150 V4.8 (Control Unit), SINAMICS GM150 V4.7 (Control Unit), SINAMICS GM150 V4.8 (Control Unit), SINAMICS S120 V4.6 Control Unit (incl. SIPLUS variants), SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants), SINAMICS S120 V4.7 SP1 Control Unit (incl. SIPLUS variants), SINAMICS S120 V4.8 Control Unit (incl. SIPLUS variants), SINAMICS S120 V5.1 Control Unit (incl. SIPLUS variants), SINAMICS S120 V5.1 SP1 Control Unit (incl. SIPLUS variants), SINAMICS S150 V4.6 Control Unit, SINAMICS S150 V4.7 Control Unit, SINAMICS S150 V4.7 SP1 Control Unit, SINAMICS S150 V4.8 Control Unit, SINAMICS S150 V5.1 Control Unit, SINAMICS S150 V5.1 SP1 Control Unit, SINAMICS S210 V5.1 Control Unit, SINAMICS S210 V5.1 SP1 Control Unit, SINAMICS SL150 V4.7 (Control Unit), SINAMICS SL150 V4.8 (Control Unit), SINAMICS SM120 V4.7 (Control Unit), SINAMICS SM120 V4.8 (Control Unit), SINAMICS SM150 V4.8 (Control Unit), SITOP Manager, SITOP PSU8600, SITOP UPS1600 (incl. SIPLUS variants), TIM 1531 IRC (incl. SIPLUS NET variants). The webserver of the affected devices contains a vulnerability that may lead to a denial-of-service condition. An attacker may cause a denial-of-service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
},

62
2020/0xxx/CVE-2020-0099.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0099",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-8.0 Android-8.1 Android-9 Android-10"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-12-01",
"url": "https://source.android.com/security/bulletin/2020-12-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In addWindow of WindowManagerService.java, there is a possible window overlay attack due to an insecure default value. This could lead to local escalation of privilege via tapjacking with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-141745510"
}
]
}
}

62
2020/0xxx/CVE-2020-0440.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0440",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-11"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-12-01",
"url": "https://source.android.com/security/bulletin/2020-12-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In createVirtualDisplay of DisplayManagerService.java, there is a possible way to create a trusted virtual display due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-162627132"
}
]
}
}

62
2020/0xxx/CVE-2020-0444.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0444",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android kernel"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-12-01",
"url": "https://source.android.com/security/bulletin/2020-12-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150693166References: Upstream kernel"
}
]
}
}

62
2020/0xxx/CVE-2020-0455.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0455",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android SoC"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-12-01",
"url": "https://source.android.com/security/bulletin/2020-12-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170372514"
}
]
}
}

62
2020/0xxx/CVE-2020-0457.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0457",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android SoC"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-12-01",
"url": "https://source.android.com/security/bulletin/2020-12-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170367562"
}
]
}
}

62
2020/0xxx/CVE-2020-0458.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0458",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-9 Android-10 Android-8.0 Android-8.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-12-01",
"url": "https://source.android.com/security/bulletin/2020-12-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In SPDIFEncoder::writeBurstBufferBytes and related methods of SPDIFEncoder.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-8.0 Android-8.1Android ID: A-160265164"
}
]
}
}

62
2020/0xxx/CVE-2020-0459.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0459",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-8.1 Android-9 Android-10 Android-8.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-12-01",
"url": "https://source.android.com/security/bulletin/2020-12-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In sendConfiguredNetworkChangedBroadcast of WifiConfigManager.java, there is a possible leak of sensitive WiFi configuration data due to a missing permission check. This could lead to local information disclosure of WiFi network names with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-159373687"
}
]
}
}

62
2020/0xxx/CVE-2020-0460.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0460",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-11"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-12-01",
"url": "https://source.android.com/security/bulletin/2020-12-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In createNameCredentialDialog of CertInstaller.java, there exists the possibility of improperly installed certificates due to a logic error. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-163413737"
}
]
}
}

62
2020/0xxx/CVE-2020-0463.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0463",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-10 Android-11 Android-8.0 Android-8.1 Android-9"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-12-01",
"url": "https://source.android.com/security/bulletin/2020-12-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In sdp_server_handle_client_req of sdp_server.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure from the bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.0 Android-8.1 Android-9Android ID: A-169342531"
}
]
}
}

62
2020/0xxx/CVE-2020-0464.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0464",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-10"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-12-01",
"url": "https://source.android.com/security/bulletin/2020-12-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In resolv_cache_lookup of res_cache.cpp, there is a possible side channel information disclosure. This could lead to local information disclosure of accessed web resources with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150371903"
}
]
}
}

62
2020/0xxx/CVE-2020-0465.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0465",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android kernel"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-12-01",
"url": "https://source.android.com/security/bulletin/2020-12-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-162844689References: Upstream kernel"
}
]
}
}

62
2020/0xxx/CVE-2020-0466.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0466",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android kernel"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-12-01",
"url": "https://source.android.com/security/bulletin/2020-12-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147802478References: Upstream kernel"
}
]
}
}

62
2020/0xxx/CVE-2020-0467.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0467",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-10 Android-11 Android-8.1 Android-9"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-12-01",
"url": "https://source.android.com/security/bulletin/2020-12-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In onUserStopped of Vpn.java, there is a possible resetting of user preferences due to a logic issue. This could lead to local information disclosure of secure network traffic over a non-VPN link with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-168500792"
}
]
}
}

62
2020/0xxx/CVE-2020-0468.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0468",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-10 Android-11"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-12-01",
"url": "https://source.android.com/security/bulletin/2020-12-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In listen() and related functions of TelephonyRegistry.java, there is a possible permissions bypass of location permissions due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-158484422"
}
]
}
}

62
2020/0xxx/CVE-2020-0469.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0469",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-11"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-12-01",
"url": "https://source.android.com/security/bulletin/2020-12-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In addEscrowToken of LockSettingsService.java, there is a possible loss of the synthetic password due to logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-168692734"
}
]
}
}

62
2020/0xxx/CVE-2020-0470.json Normal file
View File

@ -0,0 +1,62 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-0470",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android-11 Android-10"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2020-12-01",
"url": "https://source.android.com/security/bulletin/2020-12-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In extend_frame_highbd of restoration.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-166268541"
}
]
}
}

2
2020/15xxx/CVE-2020-15786.json
View File

@ -76,7 +76,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants) (All versions >= V14), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC HMI Mobile Panels (All versions), SIMATIC HMI Unified Comfort Panels (All versions). Affected devices insufficiently block excessive authentication attempts.\n\nThis could allow a remote attacker to discover user passwords and obtain access to the Sm@rt Server via a brute-force attack.\n"
"value": "A vulnerability has been identified in SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants) (All versions >= V14), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC HMI Mobile Panels (All versions), SIMATIC HMI Unified Comfort Panels (All versions). Affected devices insufficiently block excessive authentication attempts. This could allow a remote attacker to discover user passwords and obtain access to the Sm@rt Server via a brute-force attack."
}
]
},

2
2020/15xxx/CVE-2020-15787.json
View File

@ -46,7 +46,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC HMI Unified Comfort Panels (All versions). Affected devices insufficiently validate authentication attempts as the information given can be truncated to match only a set number of characters versus the whole provided string.\n\nThis could allow a remote attacker to discover user passwords and obtain access to the Sm@rt Server via a brute-force attack.\n"
"value": "A vulnerability has been identified in SIMATIC HMI Unified Comfort Panels (All versions). Affected devices insufficiently validate authentication attempts as the information given can be truncated to match only a set number of characters versus the whole provided string. This could allow a remote attacker to discover user passwords and obtain access to the Sm@rt Server via a brute-force attack."
}
]
},

2
2020/15xxx/CVE-2020-15791.json
View File

@ -76,7 +76,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINUMERIK 840D sl (All versions). The authentication protocol between a client and a PLC via port 102/tcp (ISO-TSAP) insufficiently protects the transmitted password. This could allow an attacker that is able to intercept the network traffic to obtain valid PLC credentials.\n"
"value": "A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINUMERIK 840D sl (All versions). The authentication protocol between a client and a PLC via port 102/tcp (ISO-TSAP) insufficiently protects the transmitted password. This could allow an attacker that is able to intercept the network traffic to obtain valid PLC credentials."
}
]
},

7
2020/15xxx/CVE-2020-15796.json
View File

@ -56,15 +56,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) (V20.8), SIMATIC S7-1500 Software Controller (V20.8). The web server of the affected products contains a vulnerability that could allow a remote attacker\nto trigger a denial-of-service condition by sending a specially crafted HTTP request.\n"
"value": "A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) (V20.8), SIMATIC S7-1500 Software Controller (V20.8). The web server of the affected products contains a vulnerability that could allow a remote attacker to trigger a denial-of-service condition by sending a specially crafted HTTP request."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700697.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-700697.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-700697.pdf"
}
]
}

7
2020/25xxx/CVE-2020-25228.json
View File

@ -46,15 +46,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization.\nAn attacker could gain full control over an affected device, if he has access to this service.\nThe system manual recommends to protect access to this port.\n"
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access to this service. The system manual recommends to protect access to this port."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf"
}
]
}

7
2020/25xxx/CVE-2020-25229.json
View File

@ -46,15 +46,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The implemented encryption for communication with affected devices is prone to replay attacks due to the usage of a static key.\nAn attacker could change the password or change the configuration on any affected device if using prepared messages that were generated for another device.\n"
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The implemented encryption for communication with affected devices is prone to replay attacks due to the usage of a static key. An attacker could change the password or change the configuration on any affected device if using prepared messages that were generated for another device."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf"
}
]
}

7
2020/25xxx/CVE-2020-25230.json
View File

@ -46,15 +46,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device.\n"
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption key from a captured communication with the device."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf"
}
]
}

7
2020/25xxx/CVE-2020-25231.json
View File

@ -56,15 +56,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The encryption of program data for the affected devices uses a static key. An attacker could use this key to extract confidential information from protected program files.\n"
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The encryption of program data for the affected devices uses a static key. An attacker could use this key to extract confidential information from protected program files."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf"
}
]
}

7
2020/25xxx/CVE-2020-25232.json
View File

@ -46,15 +46,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Due to the usage of an insecure random number generation function and a deprecated cryptographic function, an attacker could extract the key that is used when communicating with an affected device on port 8080/tcp.\n"
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Due to the usage of an insecure random number generation function and a deprecated cryptographic function, an attacker could extract the key that is used when communicating with an affected device on port 8080/tcp."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf"
}
]
}

7
2020/25xxx/CVE-2020-25233.json
View File

@ -46,15 +46,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The firmware update of affected devices contains the private RSA key that is used as a basis for encryption of communication with the device.\n"
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The firmware update of affected devices contains the private RSA key that is used as a basis for encryption of communication with the device."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf"
}
]
}

7
2020/25xxx/CVE-2020-25234.json
View File

@ -56,15 +56,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions (UDF) in a password protected way. This protection is implemented in the software that displays the information. An attacker could reverse engineer the UDFs directly from stored program files.\n"
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The LOGO! program files generated and used by the affected components offer the possibility to save user-defined functions (UDF) in a password protected way. This protection is implemented in the software that displays the information. An attacker could reverse engineer the UDFs directly from stored program files."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf"
}
]
}

7
2020/25xxx/CVE-2020-25235.json
View File

@ -46,15 +46,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The password used for authentication for the LOGO! Website and the LOGO! Access Tool is sent in a recoverable format. An attacker with access to the network traffic could derive valid logins.\n"
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The password used for authentication for the LOGO! Website and the LOGO! Access Tool is sent in a recoverable format. An attacker with access to the network traffic could derive valid logins."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-480824.pdf"
}
]
}

7
2020/28xxx/CVE-2020-28396.json
View File

@ -66,15 +66,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP-8021 (All versions < V16), SICAM A8000 CP-8022 (All versions < V16). A web server misconfiguration of the affected device can cause insecure ciphers usage by a user\u00b4s browser. An attacker in a privileged position could decrypt the communication and compromise confidentiality and integrity of the transmitted information.\n"
"value": "A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP-8021 (All versions < V16), SICAM A8000 CP-8022 (All versions < V16). A web server misconfiguration of the affected device can cause insecure ciphers usage by a user\u00b4s browser. An attacker in a privileged position could decrypt the communication and compromise confidentiality and integrity of the transmitted information."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-415783.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-415783.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-415783.pdf"
}
]
}

18
2020/35xxx/CVE-2020-35453.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-35453",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

2
2020/7xxx/CVE-2020-7580.json
View File

@ -286,7 +286,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC Automation Tool (All versions), SIMATIC NET PC software (All versions V16 < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (All versions < V5.6 SP2 HF3), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions), SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC WinCC OA V3.16 (All versions < P018), SIMATIC WinCC OA V3.17 (All versions < P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions), SINEMA Server (All versions), SINUMERIK ONE virtual (All versions), SINUMERIK Operate (All versions). A component within the affected application regularly calls a helper binary with SYSTEM privileges while the call path is not quoted.\n"
"value": "A vulnerability has been identified in SIMATIC Automation Tool (All versions), SIMATIC NET PC software (All versions V16 < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (All versions < V5.6 SP2 HF3), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions), SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC WinCC OA V3.16 (All versions < P018), SIMATIC WinCC OA V3.17 (All versions < P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions), SINEMA Server (All versions), SINUMERIK ONE virtual (All versions), SINUMERIK Operate (All versions). A component within the affected application regularly calls a helper binary with SYSTEM privileges while the call path is not quoted."
}
]
},

7
2020/7xxx/CVE-2020-7581.json
View File

@ -156,15 +156,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES (All versions < V16 Update 1), Soft Starter ES (All versions < V16 Update 1). A component within the affected application calls a helper binary with SYSTEM privileges during startup while the call path is not quoted.\n"
"value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES (All versions < V16 Update 1), Soft Starter ES (All versions < V16 Update 1). A component within the affected application calls a helper binary with SYSTEM privileges during startup while the call path is not quoted."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
}
]
}

2
2020/7xxx/CVE-2020-7585.json
View File

@ -86,7 +86,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges.\n\nThe security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.\n"
"value": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information."
}
]
},

2
2020/7xxx/CVE-2020-7586.json
View File

@ -86,7 +86,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation.\n\nThe security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information.\n"
"value": "A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information."
}
]
},

7
2020/7xxx/CVE-2020-7587.json
View File

@ -176,15 +176,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions), SIMATIC IT Production Suite (All versions), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES (All versions < V16 Update 1), Soft Starter ES (All versions < V16 Update 1). Sending multiple specially crafted packets to the affected service could\ncause a partial remote Denial-of-Service, that would cause the service\nto restart itself.\n\nOn some cases the vulnerability could leak random information from the\nremote service.\n"
"value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions), SIMATIC IT Production Suite (All versions), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES (All versions < V16 Update 1), Soft Starter ES (All versions < V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote Denial-of-Service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
}
]
}

7
2020/7xxx/CVE-2020-7588.json
View File

@ -176,15 +176,16 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions), SIMATIC IT Production Suite (All versions), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES (All versions < V16 Update 1), Soft Starter ES (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a\npartial remote Denial-of-Service, that would cause the service to restart\nitself.\n"
"value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions), SIMATIC IT Production Suite (All versions), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES (All versions < V16 Update 1), Soft Starter ES (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote Denial-of-Service, that would cause the service to restart itself."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
}
]
}

2
2020/7xxx/CVE-2020-7589.json
View File

@ -46,7 +46,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions). The vulnerability could lead to an attacker reading and modifying\nthe device configuration and obtain project files from affected devices.\n\nThe security vulnerability could be exploited by an unauthenticated attacker\nwith network access to port 135/tcp. No user interaction is required to\nexploit this security vulnerability. The vulnerability impacts confidentiality,\nintegrity, and availability of the device.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known.\n"
"value": "A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions). The vulnerability could lead to an attacker reading and modifying the device configuration and obtain project files from affected devices. The security vulnerability could be exploited by an unauthenticated attacker with network access to port 135/tcp. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
},