Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-8265 (GCVE-0-2019-8265)
Vulnerability from cvelistv5 – Published: 2019-03-09 00:00 – Updated: 2024-09-16 17:07
VLAI?
EPSS
Summary
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208.
Severity ?
No CVSS data available.
CWE
- CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T11:57:30.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8265",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-788: Access of Memory Location After End of Buffer"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8265",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:07:55.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2019-8265
Vulnerability from fkie_nvd - Published: 2019-03-08 23:29 - Updated: 2024-11-21 04:49
Severity ?
Summary
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "555D034F-3D64-4ED1-9B63-F8D59199E99C",
"versionEndExcluding": "1.2.2.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208."
},
{
"lang": "es",
"value": "UltraVNC, en su revisi\u00f3n 1207, tiene m\u00faltiples vulnerabilidades de acceso fuera de l\u00edmites conectadas al uso incorrecto del macro SETPIXELS en el c\u00f3digo VNC del cliente, lo que podr\u00eda, potencialmente, conducir a una ejecuci\u00f3n de c\u00f3digo. Este ataque parece ser explotable mediante la conectividad de red. Se han solucionado estas vulnerabilidades en la revisi\u00f3n 1208."
}
],
"id": "CVE-2019-8265",
"lastModified": "2024-11-21T04:49:36.470",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-08T23:29:00.497",
"references": [
{
"source": "vulnerability@kaspersky.com",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"source": "vulnerability@kaspersky.com",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"source": "vulnerability@kaspersky.com",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"source": "vulnerability@kaspersky.com",
"tags": [
"Third Party Advisory"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"source": "vulnerability@kaspersky.com",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
},
{
"source": "vulnerability@kaspersky.com",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"sourceIdentifier": "vulnerability@kaspersky.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-788"
}
],
"source": "vulnerability@kaspersky.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTFR-2019-AVI-384
Vulnerability from certfr_avis - Published: 2019-08-13 - Updated: 2019-08-14
De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Schneider Electric | N/A | EcoStruxure Machine Expert HVAC (anciennement SoMachine HVAC) versions antérieures à 1.1.0 | ||
| Schneider Electric | N/A | Wiser for KNX (anciennement homeLYnk) versions antérieures à 2.4.0 | ||
| Schneider Electric | N/A | Modicon Premium | ||
| Schneider Electric | N/A | TelevisGO versions produites avant le 15 juillet 2019 et utilisant une version de UltraVNC, 1.0.9.6.1 et antérieure, sans le correctif de sécurité TelevisGo_HotFix_20190715.exe | ||
| Schneider Electric | N/A | Magelis HMIGTO series | ||
| Schneider Electric | N/A | Magelis XBTGH series | ||
| Schneider Electric | N/A | Magelis HMIGTUX series | ||
| Schneider Electric | N/A | Magelis XBTGC series | ||
| Schneider Electric | N/A | Modicon M580 versions antérieures à V2.90 | ||
| Schneider Electric | N/A | Magelis HMIGTU series | ||
| Schneider Electric | N/A | BMXNOR0200H Ethernet / Serial RTU module | ||
| Schneider Electric | N/A | Magelis HMISTO series | ||
| Schneider Electric | N/A | Magelis HMISCU series | ||
| Schneider Electric | N/A | Magelis HMIGXO series | ||
| Schneider Electric | Modicon M340 | Modicon M340 versions antérieures à V3.10 | ||
| Schneider Electric | N/A | Schneider Electric Software Update (SESU) SUT Service component versions antérieures à 2.3.1 | ||
| Schneider Electric | N/A | Magelis XBTGT series | ||
| Schneider Electric | N/A | Magelis HMIGXU series | ||
| Schneider Electric | N/A | Magelis HMISTU series | ||
| Schneider Electric | N/A | spaceLYnk versions antérieures à 2.4.0 | ||
| Schneider Electric | N/A | Modicon Quantum |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "EcoStruxure Machine Expert HVAC (anciennement SoMachine HVAC) versions ant\u00e9rieures \u00e0 1.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Wiser for KNX (anciennement homeLYnk) versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon Premium",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "TelevisGO versions produites avant le 15 juillet 2019 et utilisant une version de UltraVNC, 1.0.9.6.1 et ant\u00e9rieure, sans le correctif de s\u00e9curit\u00e9 TelevisGo_HotFix_20190715.exe",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Magelis HMIGTO series",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Magelis XBTGH series",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Magelis HMIGTUX series",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Magelis XBTGC series",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon M580 versions ant\u00e9rieures \u00e0 V2.90",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Magelis HMIGTU series",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "BMXNOR0200H Ethernet / Serial RTU module",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Magelis HMISTO series",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Magelis HMISCU series",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Magelis HMIGXO series",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon M340 versions ant\u00e9rieures \u00e0 V3.10",
"product": {
"name": "Modicon M340",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Schneider Electric Software Update (SESU) SUT Service component versions ant\u00e9rieures \u00e0 2.3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Magelis XBTGT series",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Magelis HMIGXU series",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Magelis HMISTU series",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "spaceLYnk versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
},
{
"description": "Modicon Quantum",
"product": {
"name": "N/A",
"vendor": {
"name": "Schneider Electric",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-15361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15361"
},
{
"name": "CVE-2019-8262",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8262"
},
{
"name": "CVE-2019-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8277"
},
{
"name": "CVE-2019-6828",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6828"
},
{
"name": "CVE-2019-8265",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8265"
},
{
"name": "CVE-2019-8269",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8269"
},
{
"name": "CVE-2019-8260",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8260"
},
{
"name": "CVE-2019-8263",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8263"
},
{
"name": "CVE-2019-6832",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6832"
},
{
"name": "CVE-2019-8261",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8261"
},
{
"name": "CVE-2019-8276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8276"
},
{
"name": "CVE-2018-7846",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7846"
},
{
"name": "CVE-2019-8259",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8259"
},
{
"name": "CVE-2018-7842",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7842"
},
{
"name": "CVE-2018-7849",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7849"
},
{
"name": "CVE-2019-8271",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8271"
},
{
"name": "CVE-2019-6831",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6831"
},
{
"name": "CVE-2019-6813",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6813"
},
{
"name": "CVE-2019-6809",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6809"
},
{
"name": "CVE-2019-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6829"
},
{
"name": "CVE-2018-7852",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7852"
},
{
"name": "CVE-2019-8267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8267"
},
{
"name": "CVE-2019-6830",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6830"
},
{
"name": "CVE-2019-6810",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6810"
},
{
"name": "CVE-2018-7854",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7854"
},
{
"name": "CVE-2019-8280",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8280"
},
{
"name": "CVE-2018-7844",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7844"
},
{
"name": "CVE-2018-7847",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7847"
},
{
"name": "CVE-2018-7855",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7855"
},
{
"name": "CVE-2019-8275",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8275"
},
{
"name": "CVE-2019-8274",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8274"
},
{
"name": "CVE-2019-6808",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6808"
},
{
"name": "CVE-2019-6826",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6826"
},
{
"name": "CVE-2018-7850",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7850"
},
{
"name": "CVE-2018-7856",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7856"
},
{
"name": "CVE-2019-8266",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8266"
},
{
"name": "CVE-2019-8270",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8270"
},
{
"name": "CVE-2019-6834",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6834"
},
{
"name": "CVE-2019-68067",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-68067"
},
{
"name": "CVE-2018-7845",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7845"
},
{
"name": "CVE-2019-8258",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8258"
},
{
"name": "CVE-2018-7857",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7857"
},
{
"name": "CVE-2019-8264",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8264"
},
{
"name": "CVE-2019-6833",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6833"
},
{
"name": "CVE-2019-8272",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8272"
},
{
"name": "CVE-2019-8268",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8268"
},
{
"name": "CVE-2019-68077",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-68077"
},
{
"name": "CVE-2019-8273",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8273"
},
{
"name": "CVE-2018-7853",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7853"
},
{
"name": "CVE-2018-7843",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7843"
},
{
"name": "CVE-2018-7848",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7848"
}
],
"initial_release_date": "2019-08-13T00:00:00",
"last_revision_date": "2019-08-14T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-384",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-08-13T00:00:00.000000"
},
{
"description": "Ajout du bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-225-04 du 13 ao\u00fbt 2019",
"revision_date": "2019-08-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider Electric. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-225-06 du 13 ao\u00fbt 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-225-06-SESU_SUT_Service.pdf\u0026p_Doc_Ref=SEVD-2019-225-06"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-225-04 du 13 ao\u00fbt 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-225-04_SoMachine_HVAC_Security_Notification.pdf\u0026p_Doc_Ref=SEVD-2019-225-04"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-225-01 du 13 ao\u00fbt 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-225-01-Magelis_Security_Notification.pdf\u0026p_Doc_Ref=SEVD-2019-225-01"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-225-03 du 13 ao\u00fbt 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-225-03-Modicon-Ethernet+-Serial-RTU-Module-Security_Notification.pdf\u0026p_Doc_Ref=SEVD-2019-225-03"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-225-07 du 13 ao\u00fbt 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-225-07-spaceLYnk-homeLYnk.pdf\u0026p_Doc_Ref=SEVD-2019-225-07"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-225-02 du 13 ao\u00fbt 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-225-02-Modicon_M340_Controllers_Security_Notification.pdf\u0026p_Doc_Ref=SEVD-2019-225-02"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-134-11 du 13 ao\u00fbt 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-134-11-V2-Modicon-Controllers.pdf\u0026p_Doc_Ref=SEVD-2019-134-11"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-225-05 du 13 ao\u00fbt 2019",
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-225-05-TelevisGO_Security_Notification.pdf\u0026p_Doc_Ref=SEVD-2019-225-05"
}
]
}
CERTFR-2021-AVI-357
Vulnerability from certfr_avis - Published: 2021-05-11 - Updated: 2021-05-11
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | TECNOMATIX Plan Simulation versions antérieures à 16.0.5 | ||
| Siemens | N/A | SIMATIC NET CP 1545-1, CP 343-1 toutes versions | ||
| Siemens | N/A | SIMATIC NET CP 1243-1, CP 1243-7, CP 1243-8 versions 3.1.39 et ultérieures | ||
| Siemens | N/A | SINAMICS SL150, SM150, SM150i toutes versions | ||
| Siemens | N/A | SIMATIC IPC127E, IPC427E, IPC477E, IPC527G, IPC547G toutes versions | ||
| Siemens | N/A | SINUMERIK ONE 840D et PPU 1740 toutes versions | ||
| Siemens | N/A | MENDIX Database Replication versions antérieures à 7.0.1 | ||
| Siemens | N/A | SINAMICS GH150, GL150 (X30), GM150 (X30), SH150, SM120 avec les versions de HMI Panel antérieures à v16 update 4 | ||
| Siemens | N/A | RUGGEDCOM RM1224 versions antérieures à 6.4 | ||
| Siemens | N/A | SIMATIC WinCC runtime advanced versions antérieures à 16 update 4 | ||
| Siemens | N/A | MENDIX module Excel Importer versions antérieures à 9.0.3 | ||
| Siemens | N/A | SCALANCE XM-400, XR-500, M-800, S615 versions antérieures à 6.4 | ||
| Siemens | N/A | SCALANCE W1750D versions v8.3.0.1, v8.6.0 et v8.7.0 | ||
| Siemens | N/A | SIMATIC MV500 toutes versions | ||
| Siemens | N/A | SIMATIC IPC627E, IPC647E, IPC677E, IPC847E versions antérieures à 25.02.08 | ||
| Siemens | N/A | SIMATIC Cloud Connect 7 toutes versions | ||
| Siemens | N/A | SIMATIC HMI versions antérieures à 16 update 4 | ||
| Siemens | N/A | SINEMA Remote Connect Server versions antérieures à 3.0 SP1 | ||
| Siemens | N/A | SIMATIC ET 200SP Open Controller CPU 1515SP PC2 toutes versions | ||
| Siemens | N/A | SIMATIC Field PG M6 toutes versions | ||
| Siemens | N/A | SIMATIC ITP1000 versions antérieures à 23.01.08 | ||
| Siemens | N/A | TIM 1531 toutes versions | ||
| Siemens | N/A | SIMATIC NET CP 1542, CP 1543-1 versions 2.0 et ultérieures | ||
| Siemens | N/A | SINUMERIK 828D HW PPU.4, MC MCU 170 toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU 1518-4 ou 1518F-4 toutes versions | ||
| Siemens | N/A | SIMATIC Field PG M5 versions antérieures à 22.01.08 |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "TECNOMATIX Plan Simulation versions ant\u00e9rieures \u00e0 16.0.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 1545-1, CP 343-1 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 1243-1, CP 1243-7, CP 1243-8 versions 3.1.39 et ult\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS SL150, SM150, SM150i toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC127E, IPC427E, IPC477E, IPC527G, IPC547G toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK ONE 840D et PPU 1740 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "MENDIX Database Replication versions ant\u00e9rieures \u00e0 7.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS GH150, GL150 (X30), GM150 (X30), SH150, SM120 avec les versions de HMI Panel ant\u00e9rieures \u00e0 v16 update 4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RM1224 versions ant\u00e9rieures \u00e0 6.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC runtime advanced versions ant\u00e9rieures \u00e0 16 update 4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "MENDIX module Excel Importer versions ant\u00e9rieures \u00e0 9.0.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XM-400, XR-500, M-800, S615 versions ant\u00e9rieures \u00e0 6.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1750D versions v8.3.0.1, v8.6.0 et v8.7.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC MV500 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC627E, IPC647E, IPC677E, IPC847E versions ant\u00e9rieures \u00e0 25.02.08",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Cloud Connect 7 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI versions ant\u00e9rieures \u00e0 16 update 4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEMA Remote Connect Server versions ant\u00e9rieures \u00e0 3.0 SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Field PG M6 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ITP1000 versions ant\u00e9rieures \u00e0 23.01.08",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIM 1531 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET CP 1542, CP 1543-1 versions 2.0 et ult\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK 828D HW PPU.4, MC MCU 170 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU 1518-4 ou 1518F-4 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Field PG M5 versions ant\u00e9rieures \u00e0 22.01.08",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-25146",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25146"
},
{
"name": "CVE-2020-24636",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24636"
},
{
"name": "CVE-2020-15798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15798"
},
{
"name": "CVE-2021-25158",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25158"
},
{
"name": "CVE-2019-8262",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8262"
},
{
"name": "CVE-2019-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8277"
},
{
"name": "CVE-2021-25157",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25157"
},
{
"name": "CVE-2021-25144",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25144"
},
{
"name": "CVE-2021-27385",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27385"
},
{
"name": "CVE-2021-25661",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25661"
},
{
"name": "CVE-2019-8265",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8265"
},
{
"name": "CVE-2021-25662",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25662"
},
{
"name": "CVE-2021-25161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25161"
},
{
"name": "CVE-2020-8745",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8745"
},
{
"name": "CVE-2019-8260",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8260"
},
{
"name": "CVE-2021-27386",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27386"
},
{
"name": "CVE-2019-8263",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8263"
},
{
"name": "CVE-2021-25660",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25660"
},
{
"name": "CVE-2020-28393",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28393"
},
{
"name": "CVE-2021-25150",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25150"
},
{
"name": "CVE-2019-8261",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8261"
},
{
"name": "CVE-2019-8259",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8259"
},
{
"name": "CVE-2019-5317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5317"
},
{
"name": "CVE-2021-25145",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25145"
},
{
"name": "CVE-2021-31341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31341"
},
{
"name": "CVE-2021-27396",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27396"
},
{
"name": "CVE-2020-8698",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8698"
},
{
"name": "CVE-2020-25705",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25705"
},
{
"name": "CVE-2021-25148",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25148"
},
{
"name": "CVE-2019-8280",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8280"
},
{
"name": "CVE-2021-27384",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27384"
},
{
"name": "CVE-2020-0591",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0591"
},
{
"name": "CVE-2020-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0590"
},
{
"name": "CVE-2019-8275",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8275"
},
{
"name": "CVE-2021-25149",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25149"
},
{
"name": "CVE-2020-25242",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25242"
},
{
"name": "CVE-2021-27397",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27397"
},
{
"name": "CVE-2019-5319",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5319"
},
{
"name": "CVE-2021-25156",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25156"
},
{
"name": "CVE-2019-8264",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8264"
},
{
"name": "CVE-2019-19276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19276"
},
{
"name": "CVE-2020-8694",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8694"
},
{
"name": "CVE-2021-25160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25160"
},
{
"name": "CVE-2021-25159",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25159"
},
{
"name": "CVE-2021-25155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25155"
},
{
"name": "CVE-2021-31339",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31339"
},
{
"name": "CVE-2021-27383",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27383"
},
{
"name": "CVE-2020-8744",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8744"
},
{
"name": "CVE-2021-25143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25143"
},
{
"name": "CVE-2021-25162",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25162"
},
{
"name": "CVE-2021-27398",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27398"
},
{
"name": "CVE-2020-24635",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24635"
}
],
"initial_release_date": "2021-05-11T00:00:00",
"last_revision_date": "2021-05-11T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-594364.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-854248.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-324955.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-983548.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-723417.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-919955.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-501073.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-678983.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-116379.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-676775.pdf"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-752103.pdf"
}
],
"reference": "CERTFR-2021-AVI-357",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-05-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens du 11 mai 2021",
"url": null
}
]
}
CERTFR-2020-AVI-349
Vulnerability from certfr_avis - Published: 2020-06-09 - Updated: 2020-06-09
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SIMATIC PDM | ||
| Siemens | N/A | SIMATIC WinCC OA V3.17 versions antérieures à V3.17-P003 | ||
| Siemens | N/A | SINUMERIK PCU base Win7 software /IPC versions antérieures à V12.01 HF4 | ||
| Siemens | N/A | SIMATIC NET PC versions antérieures à V16 Upd3 | ||
| Siemens | N/A | SIMATIC WinCC OA V3.16 versions antérieures à V3.16-P018 | ||
| Siemens | N/A | SINEC NMS sans le dernier correctif de sécurité | ||
| Siemens | N/A | SIMATIC PCS 7 | ||
| Siemens | N/A | LOGO!8 BM | ||
| Siemens | N/A | SIMATIC S7-1500 | ||
| Siemens | N/A | SINUMERIK Operate | ||
| Siemens | N/A | SINEMA Server sans le dernier correctif de sécurité | ||
| Siemens | N/A | SIMATIC WinCC Runtime Advanced | ||
| Siemens | N/A | SIMATIC Automation Tool | ||
| Siemens | N/A | SINUMERIK ONE virtual | ||
| Siemens | N/A | SIMATIC ProSave | ||
| Siemens | N/A | SIMATIC WinCC V7.5 versions antérieures à V7.5 SP1 Update 3 | ||
| Siemens | N/A | SINAMICS STARTER commissioning tool | ||
| Siemens | N/A | SIMATIC WinCC Runtime Professional V13, V14, V15 et V16 | ||
| Siemens | N/A | SIMATIC STEP 7 (TIA Portal) V13, V14, V15 et V16 | ||
| Siemens | N/A | SIMATIC PCS neo | ||
| Siemens | N/A | SINAMICS Startdrive | ||
| Siemens | N/A | SINAMICS STARTER versions antérieures à V5.4 HF1 | ||
| Siemens | N/A | SIMATIC WinCC V7.4 versions antérieures à V7.4 SP1 Update 14 | ||
| Siemens | N/A | SIMATIC STEP 7 versions antérieures à V5.6 SP2 HF3 | ||
| Siemens | N/A | SINUMERIK Access MyMachine /P2P versions antérieures à V4.8 | ||
| Siemens | N/A | SINUMERIK PCU base Win10 software /IPC versions antérieures à V14.00 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SIMATIC PDM",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC OA V3.17 versions ant\u00e9rieures \u00e0 V3.17-P003",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK PCU base Win7 software /IPC versions ant\u00e9rieures \u00e0 V12.01 HF4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET PC versions ant\u00e9rieures \u00e0 V16 Upd3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC OA V3.16 versions ant\u00e9rieures \u00e0 V3.16-P018",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEC NMS sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PCS 7",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "LOGO!8 BM",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK Operate",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEMA Server sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC Runtime Advanced",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Automation Tool",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK ONE virtual",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ProSave",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC V7.5 versions ant\u00e9rieures \u00e0 V7.5 SP1 Update 3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS STARTER commissioning tool",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC Runtime Professional V13, V14, V15 et V16",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC STEP 7 (TIA Portal) V13, V14, V15 et V16",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC PCS neo",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS Startdrive",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS STARTER versions ant\u00e9rieures \u00e0 V5.4 HF1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC V7.4 versions ant\u00e9rieures \u00e0 V7.4 SP1 Update 14",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC STEP 7 versions ant\u00e9rieures \u00e0 V5.6 SP2 HF3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK Access MyMachine /P2P versions ant\u00e9rieures \u00e0 V4.8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK PCU base Win10 software /IPC versions ant\u00e9rieures \u00e0 V14.00",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-7589",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7589"
},
{
"name": "CVE-2018-15361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15361"
},
{
"name": "CVE-2019-8262",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8262"
},
{
"name": "CVE-2019-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8277"
},
{
"name": "CVE-2019-8265",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8265"
},
{
"name": "CVE-2019-8269",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8269"
},
{
"name": "CVE-2019-8260",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8260"
},
{
"name": "CVE-2019-8263",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8263"
},
{
"name": "CVE-2019-8261",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8261"
},
{
"name": "CVE-2019-8276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8276"
},
{
"name": "CVE-2019-8259",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8259"
},
{
"name": "CVE-2019-8271",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8271"
},
{
"name": "CVE-2020-7586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7586"
},
{
"name": "CVE-2019-8267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8267"
},
{
"name": "CVE-2020-7580",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7580"
},
{
"name": "CVE-2019-8280",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8280"
},
{
"name": "CVE-2019-8275",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8275"
},
{
"name": "CVE-2019-8274",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8274"
},
{
"name": "CVE-2019-8266",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8266"
},
{
"name": "CVE-2019-8270",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8270"
},
{
"name": "CVE-2019-8258",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8258"
},
{
"name": "CVE-2019-8264",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8264"
},
{
"name": "CVE-2020-7585",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7585"
},
{
"name": "CVE-2019-8272",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8272"
},
{
"name": "CVE-2019-8268",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8268"
},
{
"name": "CVE-2019-8273",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8273"
}
],
"initial_release_date": "2020-06-09T00:00:00",
"last_revision_date": "2020-06-09T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-349",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-06-09T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-817401 du 09 juin 2020",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-817401.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-312271 du 09 juin 2020",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-689942 du 09 juin 2020",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-927095 du 09 juin 2020",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
}
]
}
CVE-2019-8265
Vulnerability from fstec - Published: 05.03.2019
VLAI Severity ?
Title
Уязвимость VNC-клиента программного средства управления удалёнными рабочими столами UltraVNC, позволяющая нарушителю выполнить произвольный код
Description
Уязвимость VNC-клиента программного средства управления удалёнными рабочими столами UltraVNC связана с записью за границами буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код с помощью набора команд SETPIXELS
Severity ?
Vendor
Team UltraVNC, Schneider Electric
Software Name
UltraVNC, TelevisGo
Software Version
до 1.2.2.3 (UltraVNC), - (TelevisGo)
Possible Mitigations
Использование рекомендаций:
Для UltraVNC:
https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/
Для TelevisGo:
Обновление программного обеспечения до актуальной версии
Reference
https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/
https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-225-05-TelevisGO_Security_Notification.pdf&p_Doc_Ref=SEVD-2019-225-05
CWE
CWE-125, CWE-787, CWE-788
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Team UltraVNC, Schneider Electric",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 1.2.2.3 (UltraVNC), - (TelevisGo)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f UltraVNC:\nhttps://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/\n\n\u0414\u043b\u044f TelevisGo:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "05.03.2019",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "16.04.2020",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "16.04.2020",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-01547",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-8265",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "UltraVNC, TelevisGo",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c VNC-\u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u043c\u0438 \u0440\u0430\u0431\u043e\u0447\u0438\u043c\u0438 \u0441\u0442\u043e\u043b\u0430\u043c\u0438 UltraVNC, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0427\u0442\u0435\u043d\u0438\u0435 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-125), \u0417\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-787), \u0414\u043e\u0441\u0442\u0443\u043f \u043a \u044f\u0447\u0435\u0439\u043a\u0435 \u043f\u0430\u043c\u044f\u0442\u0438, \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0435\u0439 \u043e\u043a\u043e\u043d\u0447\u0430\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-788)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c VNC-\u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u043c\u0438 \u0440\u0430\u0431\u043e\u0447\u0438\u043c\u0438 \u0441\u0442\u043e\u043b\u0430\u043c\u0438 UltraVNC \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0437\u0430\u043f\u0438\u0441\u044c\u044e \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043d\u0430\u0431\u043e\u0440\u0430 \u043a\u043e\u043c\u0430\u043d\u0434 SETPIXELS",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/\nhttps://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-225-05-TelevisGO_Security_Notification.pdf\u0026p_Doc_Ref=SEVD-2019-225-05",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u041f\u041e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0410\u0421\u0423 \u0422\u041f",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-125, CWE-787, CWE-788",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}
GSD-2019-8265
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-8265",
"description": "UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208.",
"id": "GSD-2019-8265"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-8265"
],
"details": "UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208.",
"id": "GSD-2019-8265",
"modified": "2023-12-13T01:23:48.707095Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8265",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-788: Access of Memory Location After End of Buffer"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.2.2.3",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"ID": "CVE-2019-8265"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"tags": [],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"tags": [],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf",
"refsource": "CONFIRM",
"tags": [],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
"refsource": "CONFIRM",
"tags": [],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
"refsource": "MISC",
"tags": [],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2021-06-28T12:15Z",
"publishedDate": "2019-03-08T23:29Z"
}
}
}
GHSA-96HW-425V-FCG3
Vulnerability from github – Published: 2022-05-13 01:09 – Updated: 2022-05-13 01:09
VLAI?
Details
UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208.
Severity ?
9.8 (Critical)
{
"affected": [],
"aliases": [
"CVE-2019-8265"
],
"database_specific": {
"cwe_ids": [
"CWE-125"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-03-08T23:29:00Z",
"severity": "CRITICAL"
},
"details": "UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208.",
"id": "GHSA-96hw-425v-fcg3",
"modified": "2022-05-13T01:09:07Z",
"published": "2022-05-13T01:09:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8265"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"type": "WEB",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer"
},
{
"type": "WEB",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
},
{
"type": "WEB",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
CNVD-2019-10287
Vulnerability from cnvd - Published: 2019-04-17
VLAI Severity ?
Title
UltraVNC越界访问漏洞(CNVD-2019-10287)
Description
UltraVNC是一款用于Windows平台的开源远程终端控制软件。
UltraVNC 1207版本中存在安全漏洞。攻击者可通过网络连接利用该漏洞执行代码。
Severity
高
Patch Name
UltraVNC越界访问漏洞(CNVD-2019-10287)的补丁
Patch Description
UltraVNC是一款用于Windows平台的开源远程终端控制软件。
UltraVNC 1207版本中存在安全漏洞。攻击者可通过网络连接利用该漏洞执行代码。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布漏洞修复程序,请及时关注更新: https://www.uvnc.com/
Reference
https://nvd.nist.gov/vuln/detail/CVE-2019-8265
Impacted products
| Name | UltraVNC UltraVNC 1207 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-8265"
}
},
"description": "UltraVNC\u662f\u4e00\u6b3e\u7528\u4e8eWindows\u5e73\u53f0\u7684\u5f00\u6e90\u8fdc\u7a0b\u7ec8\u7aef\u63a7\u5236\u8f6f\u4ef6\u3002\n\nUltraVNC 1207\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u7f51\u7edc\u8fde\u63a5\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4ee3\u7801\u3002",
"discovererName": "unknwon",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.uvnc.com/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-10287",
"openTime": "2019-04-17",
"patchDescription": "UltraVNC\u662f\u4e00\u6b3e\u7528\u4e8eWindows\u5e73\u53f0\u7684\u5f00\u6e90\u8fdc\u7a0b\u7ec8\u7aef\u63a7\u5236\u8f6f\u4ef6\u3002\r\n\r\nUltraVNC 1207\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u7f51\u7edc\u8fde\u63a5\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "UltraVNC\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e\uff08CNVD-2019-10287\uff09\u7684\u8865\u4e01",
"products": {
"product": "UltraVNC UltraVNC 1207"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-8265",
"serverity": "\u9ad8",
"submitTime": "2019-03-11",
"title": "UltraVNC\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e\uff08CNVD-2019-10287\uff09"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…