Vulnerability-Lookup

CVE-2020-27737 (GCVE-0-2020-27737)

Vulnerability from cvelistv5 – Published: 2021-04-22 20:42 – Updated: 2024-08-04 16:18

Summary

A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C

CWE

CWE-125 - Out-of-bounds Read

Assigner

siemens

References

URL

Tags

	https://cert-portal.siemens.com/productcert/pdf/s…
	https://cert-portal.siemens.com/productcert/pdf/s…
	https://cert-portal.siemens.com/productcert/pdf/s…

Impacted products

Vendor

Product

Version

Siemens

APOGEE PXC Compact (BACnet)

Affected: All versions < V3.5.5

Siemens	APOGEE PXC Compact (P2 Ethernet)	Affected: All versions < V2.8.20
Siemens	APOGEE PXC Modular (BACnet)	Affected: All versions < V3.5.5
Siemens	APOGEE PXC Modular (P2 Ethernet)	Affected: All versions < V2.8.20
Siemens	Nucleus NET	Affected: All versions
Siemens	Nucleus ReadyStart V3	Affected: All versions < V2017.02.3
Siemens	Nucleus ReadyStart V4	Affected: All versions < V4.1.0
Siemens	Nucleus Source Code	Affected: Versions including affected DNS modules
Siemens	SIMOTICS CONNECT 400	Affected: All versions < V0.5.0.0
Siemens	TALON TC Compact (BACnet)	Affected: All versions < V3.5.5
Siemens	TALON TC Modular (BACnet)	Affected: All versions < V3.5.5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T16:18:45.586Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Compact (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Compact (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.8.20"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Modular (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "APOGEE PXC Modular (P2 Ethernet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.8.20"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus NET",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus ReadyStart V3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2017.02.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus ReadyStart V4",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Nucleus Source Code",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "Versions including affected DNS modules"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOTICS CONNECT 400",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V0.5.0.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TALON TC Compact (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TALON TC Modular (BACnet)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.5.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.20), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus ReadyStart V4 (All versions \u003c V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), TALON TC Compact (BACnet) (All versions \u003c V3.5.5), TALON TC Modular (BACnet) (All versions \u003c V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition  or leak the memory past the allocated structure."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-08T09:20:04.435Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-27737",
    "datePublished": "2021-04-22T20:42:19.000Z",
    "dateReserved": "2020-10-26T00:00:00.000Z",
    "dateUpdated": "2024-08-04T16:18:45.586Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-27737

Vulnerability from fstec - Published: 14.04.2021

Title

Уязвимость функции синтаксического анализа записей доменных имен DNS программно-аппаратного комплекса Simotics Connect 400, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость функции синтаксического анализа записей доменных имен DNS программно-аппаратного комплекса Simotics Connect 400 связана с чтением за границами буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании

Severity ?


                    
                      AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

Vendor

Siemens AG

Software Name

SIMOTICS CONNECT 400

Software Version

до 0.5.0.0 (SIMOTICS CONNECT 400)

Possible Mitigations

Использование рекомендаций: https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf

Reference

https://www.securitylab.ru/news/518760.php https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf https://www.cybersecurity-help.cz/vdb/SB2021041407 https://us-cert.cisa.gov/ics/advisories/icsa-21-103-13

CWE

CWE-125

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:H/Au:N/C:P/I:N/A:C",
  "CVSS 3.0": "AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Siemens AG",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 0.5.0.0 (SIMOTICS CONNECT 400)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "14.04.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "21.04.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "21.04.2021",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-02173",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2020-27737",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "SIMOTICS CONNECT 400",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0441\u0438\u043d\u0442\u0430\u043a\u0441\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0434\u043e\u043c\u0435\u043d\u043d\u044b\u0445 \u0438\u043c\u0435\u043d DNS \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u0430 Simotics Connect 400, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0427\u0442\u0435\u043d\u0438\u0435 \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-125)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0441\u0438\u043d\u0442\u0430\u043a\u0441\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0434\u043e\u043c\u0435\u043d\u043d\u044b\u0445 \u0438\u043c\u0435\u043d DNS \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u0430 Simotics Connect 400 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0447\u0442\u0435\u043d\u0438\u0435\u043c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.securitylab.ru/news/518760.php\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf\nhttps://www.cybersecurity-help.cz/vdb/SB2021041407\nhttps://us-cert.cisa.gov/ics/advisories/icsa-21-103-13",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-125",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,1)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,5)"
}

CERTFR-2023-AVI-0633

Vulnerability from certfr_avis - Published: 2023-08-08 - Updated: 2023-08-08

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

SICAM TOOLBOX II versions antérieures à 07.10
Périphériques RUGGEDCOM ROS versions antérieures à 4.3.8
Solid Edge SE2023 versions antérieures à 223.0 Update 7
RUGGEDCOM CROSSBOW versions antérieures à 5.4
Parasolid versions 34.1.x antérieures à 34.1.258
Parasolid versions 35.0.x antérieures à 35.0.254
Parasolid versions 35.1.x antérieures à 35.1.197
Teamcenter Visualization versions 14.1.x, se référer à l'avis éditeur pour plus d'information sur les mesures de contournement
Teamcenter Visualization versions 14.2.x antérieures à 14.2.0.6
Teamcenter Visualization versions 14.3.x, se référer à l'avis éditeur pour plus d'information sur les mesures de contournement
SIMATIC contrôleur de disque CPU 1504D versions antérieures à 3.0.3
SIMATIC contrôleur de disque CPU 1507D versions antérieures à 3.0.3
SIMATIC ET toutes versions
SIMATIC IPC toutes versions
SIMATIC S7 versions antérieures à 3.0.3
SIPLUS ET versions antérieures à 3.3.19
SIPLUS S7 versions antérieures à 3.0.3
Siemens Software Center versions antérieures à 3.0
APOGEE PXC Compact versions antérieures à 3.5.5
APOGEE PXC Compact (P2 Ethernet) versions antérieures à 2.8.20
APOGEE PXC Modular (BACnet) versions antérieures à 3.5.5
APOGEE PXC Modular (P2 Ethernet) versions antérieures à 2.8.20
TALON TC Compact versions antérieures à 3.5.5
TALON TC Modular (BACnet) versions antérieures à 3.5.5
JT2Go versions antérieures à 14.2.0.5
Solid Edge SE2022 versions antérieures à 222.0 Update 13
Solid Edge SE2023 versions antérieures à 223.0 Update 4
Teamcenter Visualization versions 13.2.x antérieures à 13.2.0.15
Teamcenter Visualization versions 13.3.x antérieures à 13.3.0.11
Teamcenter Visualization versions 14.1.x antérieures à 14.1.0.11
Teamcenter Visualization versions 14.2.x antérieures à 14.2.0.5
Parasolid versions 35.0.x sans la procédure de réinstallation
Parasolid versions 35.1.x sans la procédure de réinstallation
JT Open versions antérieures à 11.4
JT Utilities versions antérieures à 13.4
Parasolid versions 34.0.x antérieures à 34.0.253
Parasolid versions 34.1.x antérieures à 34.1.243
Parasolid versions 35.0.x antérieures à 35.0.177
Parasolid versions 35.1.x antérieures à 35.1.073

L'éditeur ne propose pas de correctif pour certains produits RUGGEDCOM ROS, SIMATIC ou SIPLUS, se référer aux avis pour obtenir plus d'informations sur les mesures de contournement.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-472630 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-264815 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-770902 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-975961 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-908185 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-131450 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-407785 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-180579 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-811403 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-264814 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-116172 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-188491 du 8 août 2023	None	vendor-advisory
Bulletin de sécurité Siemens ssa-001569 du 8 août 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eSICAM TOOLBOX II versions ant\u00e9rieures \u00e0 07.10\u003c/li\u003e \u003cli\u003eP\u00e9riph\u00e9riques RUGGEDCOM ROS versions ant\u00e9rieures \u00e0 4.3.8\u003c/li\u003e \u003cli\u003eSolid Edge SE2023 versions ant\u00e9rieures \u00e0 223.0 Update 7\u003c/li\u003e \u003cli\u003eRUGGEDCOM CROSSBOW versions ant\u00e9rieures \u00e0 5.4\u003c/li\u003e \u003cli\u003eParasolid versions 34.1.x ant\u00e9rieures \u00e0 34.1.258\u003c/li\u003e \u003cli\u003eParasolid versions 35.0.x ant\u00e9rieures \u00e0 35.0.254\u003c/li\u003e \u003cli\u003eParasolid versions 35.1.x ant\u00e9rieures \u00e0 35.1.197\u003c/li\u003e \u003cli\u003eTeamcenter Visualization versions 14.1.x, se r\u00e9f\u00e9rer \u00e0 l\u0027avis \u00e9diteur pour plus d\u0027information sur les mesures de contournement\u003c/li\u003e \u003cli\u003eTeamcenter Visualization versions 14.2.x ant\u00e9rieures \u00e0 14.2.0.6\u003c/li\u003e \u003cli\u003eTeamcenter Visualization versions 14.3.x, se r\u00e9f\u00e9rer \u00e0 l\u0027avis \u00e9diteur pour plus d\u0027information sur les mesures de contournement\u003c/li\u003e \u003cli\u003eSIMATIC contr\u00f4leur de disque CPU 1504D versions ant\u00e9rieures \u00e0 3.0.3\u003c/li\u003e \u003cli\u003eSIMATIC contr\u00f4leur de disque CPU 1507D versions ant\u00e9rieures \u00e0 3.0.3\u003c/li\u003e \u003cli\u003eSIMATIC ET toutes versions\u003c/li\u003e \u003cli\u003eSIMATIC IPC toutes versions\u003c/li\u003e \u003cli\u003eSIMATIC S7 versions ant\u00e9rieures \u00e0 3.0.3\u003c/li\u003e \u003cli\u003eSIPLUS ET versions ant\u00e9rieures \u00e0 3.3.19\u003c/li\u003e \u003cli\u003eSIPLUS S7 versions ant\u00e9rieures \u00e0 3.0.3\u003c/li\u003e \u003cli\u003eSiemens Software Center versions ant\u00e9rieures \u00e0 3.0\u003c/li\u003e \u003cli\u003eAPOGEE PXC Compact versions ant\u00e9rieures \u00e0 3.5.5\u003c/li\u003e \u003cli\u003eAPOGEE PXC Compact (P2 Ethernet) versions ant\u00e9rieures \u00e0 2.8.20\u003c/li\u003e \u003cli\u003eAPOGEE PXC Modular (BACnet) versions ant\u00e9rieures \u00e0 3.5.5\u003c/li\u003e \u003cli\u003eAPOGEE PXC Modular (P2 Ethernet) versions ant\u00e9rieures \u00e0 2.8.20\u003c/li\u003e \u003cli\u003eTALON TC Compact versions ant\u00e9rieures \u00e0 3.5.5\u003c/li\u003e \u003cli\u003eTALON TC Modular (BACnet) versions ant\u00e9rieures \u00e0 3.5.5\u003c/li\u003e \u003cli\u003eJT2Go versions ant\u00e9rieures \u00e0 14.2.0.5\u003c/li\u003e \u003cli\u003eSolid Edge SE2022 versions ant\u00e9rieures \u00e0 222.0 Update 13\u003c/li\u003e \u003cli\u003eSolid Edge SE2023 versions ant\u00e9rieures \u00e0 223.0 Update 4\u003c/li\u003e \u003cli\u003eTeamcenter Visualization versions 13.2.x ant\u00e9rieures \u00e0 13.2.0.15\u003c/li\u003e \u003cli\u003eTeamcenter Visualization versions 13.3.x ant\u00e9rieures \u00e0 13.3.0.11\u003c/li\u003e \u003cli\u003eTeamcenter Visualization versions 14.1.x ant\u00e9rieures \u00e0 14.1.0.11\u003c/li\u003e \u003cli\u003eTeamcenter Visualization versions 14.2.x ant\u00e9rieures \u00e0 14.2.0.5\u003c/li\u003e \u003cli\u003eParasolid versions 35.0.x sans la proc\u00e9dure de r\u00e9installation\u003c/li\u003e \u003cli\u003eParasolid versions 35.1.x sans la proc\u00e9dure de r\u00e9installation\u003c/li\u003e \u003cli\u003eJT Open versions ant\u00e9rieures \u00e0 11.4\u003c/li\u003e \u003cli\u003eJT Utilities versions ant\u00e9rieures \u00e0 13.4\u003c/li\u003e \u003cli\u003eParasolid versions 34.0.x ant\u00e9rieures \u00e0 34.0.253\u003c/li\u003e \u003cli\u003eParasolid versions 34.1.x ant\u00e9rieures \u00e0 34.1.243\u003c/li\u003e \u003cli\u003eParasolid versions 35.0.x ant\u00e9rieures \u00e0 35.0.177\u003c/li\u003e \u003cli\u003eParasolid versions 35.1.x ant\u00e9rieures \u00e0 35.1.073\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eL\u0027\u00e9diteur ne propose pas de correctif pour certains produits RUGGEDCOM ROS, SIMATIC ou SIPLUS, se r\u00e9f\u00e9rer aux avis pour obtenir plus d\u0027informations sur les mesures de contournement.\u003c/p\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-27009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27009"
    },
    {
      "name": "CVE-2022-37971",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-37971"
    },
    {
      "name": "CVE-2023-27411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27411"
    },
    {
      "name": "CVE-2020-28388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28388"
    },
    {
      "name": "CVE-2023-24845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24845"
    },
    {
      "name": "CVE-2023-39419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39419"
    },
    {
      "name": "CVE-2023-39183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39183"
    },
    {
      "name": "CVE-2022-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
    },
    {
      "name": "CVE-2020-27736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27736"
    },
    {
      "name": "CVE-2023-39269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39269"
    },
    {
      "name": "CVE-2023-0286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
    },
    {
      "name": "CVE-2023-38526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38526"
    },
    {
      "name": "CVE-2023-38641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38641"
    },
    {
      "name": "CVE-2023-39187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39187"
    },
    {
      "name": "CVE-2023-39188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39188"
    },
    {
      "name": "CVE-2020-15795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15795"
    },
    {
      "name": "CVE-2023-39185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39185"
    },
    {
      "name": "CVE-2022-39062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-39062"
    },
    {
      "name": "CVE-2023-28830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28830"
    },
    {
      "name": "CVE-2023-38531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38531"
    },
    {
      "name": "CVE-2023-38524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38524"
    },
    {
      "name": "CVE-2023-39186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39186"
    },
    {
      "name": "CVE-2023-37372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37372"
    },
    {
      "name": "CVE-2021-41544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41544"
    },
    {
      "name": "CVE-2022-25634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25634"
    },
    {
      "name": "CVE-2023-39182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39182"
    },
    {
      "name": "CVE-2021-31239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31239"
    },
    {
      "name": "CVE-2023-37373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37373"
    },
    {
      "name": "CVE-2023-39184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39184"
    },
    {
      "name": "CVE-2023-38525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38525"
    },
    {
      "name": "CVE-2020-27738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27738"
    },
    {
      "name": "CVE-2023-30795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30795"
    },
    {
      "name": "CVE-2023-38530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38530"
    },
    {
      "name": "CVE-2023-38527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38527"
    },
    {
      "name": "CVE-2022-45937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-45937"
    },
    {
      "name": "CVE-2023-37378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37378"
    },
    {
      "name": "CVE-2023-38528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38528"
    },
    {
      "name": "CVE-2023-39181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39181"
    },
    {
      "name": "CVE-2023-4304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4304"
    },
    {
      "name": "CVE-2023-38682",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38682"
    },
    {
      "name": "CVE-2023-38532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38532"
    },
    {
      "name": "CVE-2023-30796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30796"
    },
    {
      "name": "CVE-2023-38529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38529"
    },
    {
      "name": "CVE-2023-38683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-38683"
    },
    {
      "name": "CVE-2020-27737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27737"
    },
    {
      "name": "CVE-2021-25677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25677"
    }
  ],
  "initial_release_date": "2023-08-08T00:00:00",
  "last_revision_date": "2023-08-08T00:00:00",
  "links": [],
  "reference": "CERTFR-2023-AVI-0633",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-08-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-472630 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-472630.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-264815 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-264815.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-770902 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-770902.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-975961 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-975961.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-908185 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-908185.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-131450 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-131450.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-407785 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-407785.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-180579 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-180579.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-811403 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-811403.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-264814 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-264814.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-116172 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-116172.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-188491 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-188491.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-001569 du 8 ao\u00fbt 2023",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-001569.html"
    }
  ]
}

CERTFR-2021-AVI-255

Vulnerability from certfr_avis - Published: 2021-04-14 - Updated: 2021-04-14

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	LOGO! Soft Comfort toutes versions
Siemens	N/A	Siveillance Video Open Network Bridge:2019 R2
Siemens	N/A	Solid Edge SE2021 versions antérieures à SE2021MP4
Siemens	N/A	SIMATIC NET CP 443-1 Advanced (incl. SIPLUSvariants) versions antérieures à V3.2.9
Siemens	N/A	Siveillance Video Open Network Bridge:2019 R3
Siemens	N/A	Nucleus NET versions antérieures à 5.2
Siemens	N/A	TIM 3V-IE / TIM 3V-IE Advanced (incl. SIPLUSNET variants) versions antérieures à V2.6.0
Siemens	N/A	SiNVR/SiVMS Video Server toutes versions
Siemens	N/A	Nucleus RTOS versions contenant le module DNS affecté
Siemens	N/A	SIMATIC NET CP 343-1 Advanced (incl. SIPLUSvariants) versions antérieures à V3.0.44
Siemens	N/A	Solid Edge SE2020 toutes versions
Siemens	N/A	SIMATIC NET CP 343-1 Lean (incl. SIPLUS vari-ants) versions antérieures à V3.1.1
Siemens	N/A	SIMATIC NET CP 443-5 Basic (incl. SIPLUS vari-ants) toutes versions
Siemens	N/A	Opcenter Quality versions antérieures à 12.2
Siemens	N/A	Siveillance Video Open Network Bridge:2019 R1
Siemens	N/A	SIMATIC NET CP 443-5 Extended toutes versions
Siemens	N/A	VSTAR versions contenant le module DNS affecté
Siemens	N/A	Control Center Server (CCS) toutes versions
Siemens	N/A	TIM 4R-IE (incl. SIPLUS NET variants) toutes versions
Siemens	N/A	Siveillance Video Open Network Bridge:2020 R1
Siemens	N/A	SINEMA Remote Connect Server versions antérieures à 3.0
Siemens	N/A	Siveillance Video Open Network Bridge:2020 R2
Siemens	N/A	SIMATIC NET CP 343-1 Standard (incl. SIPLUSvariants) versions antérieures à V3.1.1
Siemens	N/A	SIMATIC NET CP 443-1 Standard (incl. SIPLUSvariants) versions antérieures à V3.2.9
Siemens	N/A	SIMATIC NET CP 342-5 (incl. SIPLUS variants) toutes versions
Siemens	N/A	Siveillance Video Open Network Bridge:2018 R2
Siemens	N/A	Nucleus ReadyStart toutes versions
Siemens	N/A	Nucleus 4 versions antérieures à 4.1.0
Siemens	N/A	Siveillance Video Open Network Bridge:2018 R3
Siemens	N/A	QMS Automotive versions antérieures à 12.30
Siemens	N/A	Tecnomatix RobotExpert versions antérieures à 16.1
Siemens	N/A	TIM 3V-IE DNP3 (incl. SIPLUS NET variants) versions antérieures à V3.1.0
Siemens	N/A	Siveillance Video Open Network Bridge:2020 R3
Siemens	N/A	Nucleus Source Code versions contenant le module DNS affecté
Siemens	N/A	TIM 4R-IE DNP3 (incl. SIPLUS NET variants) toutes versions
Siemens	N/A	SIMOTICS CONNECT 400 toutes verions

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-788287 du 13 avril 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-248289 du 13 avril 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-853866 du 13 avril 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-185699 du 13 avril 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-983300 du 13 avril 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-844761 du 13 avril 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-163226 du 13 avril 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-763427 du 13 avril 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-497656 du 13 avril 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-761617 du 13 avril 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-669158 du 13 avril 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-574442 du 13 avril 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-705111 du 13 avril 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-292794 du 13 avril 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-761844 du 13 avril 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "LOGO! Soft Comfort toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance Video Open Network Bridge:2019 R2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Solid Edge SE2021 versions ant\u00e9rieures \u00e0 SE2021MP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC NET CP 443-1 Advanced (incl. SIPLUSvariants) versions ant\u00e9rieures \u00e0 V3.2.9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance Video Open Network Bridge:2019 R3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Nucleus NET versions ant\u00e9rieures \u00e0 5.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "TIM 3V-IE / TIM 3V-IE Advanced (incl. SIPLUSNET variants) versions ant\u00e9rieures \u00e0 V2.6.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SiNVR/SiVMS Video Server toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Nucleus RTOS versions contenant le module DNS affect\u00e9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC NET CP 343-1 Advanced (incl. SIPLUSvariants) versions ant\u00e9rieures \u00e0 V3.0.44",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Solid Edge SE2020 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC NET CP 343-1 Lean (incl. SIPLUS vari-ants) versions ant\u00e9rieures \u00e0 V3.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC NET CP 443-5 Basic (incl. SIPLUS vari-ants) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Opcenter Quality versions ant\u00e9rieures \u00e0 12.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance Video Open Network Bridge:2019 R1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC NET CP 443-5 Extended toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "VSTAR versions contenant le module DNS affect\u00e9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Control Center Server (CCS) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "TIM 4R-IE (incl. SIPLUS NET variants) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance Video Open Network Bridge:2020 R1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINEMA Remote Connect Server versions ant\u00e9rieures \u00e0 3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance Video Open Network Bridge:2020 R2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC NET CP 343-1 Standard (incl. SIPLUSvariants) versions ant\u00e9rieures \u00e0 V3.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC NET CP 443-1 Standard (incl. SIPLUSvariants) versions ant\u00e9rieures \u00e0 V3.2.9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC NET CP 342-5 (incl. SIPLUS variants) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance Video Open Network Bridge:2018 R2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Nucleus ReadyStart toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Nucleus 4 versions ant\u00e9rieures \u00e0 4.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance Video Open Network Bridge:2018 R3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "QMS Automotive versions ant\u00e9rieures \u00e0 12.30",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Tecnomatix RobotExpert versions ant\u00e9rieures \u00e0 16.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "TIM 3V-IE DNP3 (incl. SIPLUS NET variants) versions ant\u00e9rieures \u00e0 V3.1.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance Video Open Network Bridge:2020 R3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Nucleus Source Code versions contenant le module DNS affect\u00e9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "TIM 4R-IE DNP3 (incl. SIPLUS NET variants) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMOTICS CONNECT 400 toutes verions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-27009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27009"
    },
    {
      "name": "CVE-2015-7855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7855"
    },
    {
      "name": "CVE-2019-18339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18339"
    },
    {
      "name": "CVE-2016-1547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1547"
    },
    {
      "name": "CVE-2015-7973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7973"
    },
    {
      "name": "CVE-2016-4953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4953"
    },
    {
      "name": "CVE-2021-27389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27389"
    },
    {
      "name": "CVE-2021-27382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27382"
    },
    {
      "name": "CVE-2020-27736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27736"
    },
    {
      "name": "CVE-2021-27380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27380"
    },
    {
      "name": "CVE-2015-5219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5219"
    },
    {
      "name": "CVE-2016-1550",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1550"
    },
    {
      "name": "CVE-2015-7977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7977"
    },
    {
      "name": "CVE-2015-7705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7705"
    },
    {
      "name": "CVE-2021-27392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27392"
    },
    {
      "name": "CVE-2019-19956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19956"
    },
    {
      "name": "CVE-2021-25663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25663"
    },
    {
      "name": "CVE-2020-15795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15795"
    },
    {
      "name": "CVE-2015-8138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8138"
    },
    {
      "name": "CVE-2016-4954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4954"
    },
    {
      "name": "CVE-2021-25664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25664"
    },
    {
      "name": "CVE-2020-25243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25243"
    },
    {
      "name": "CVE-2015-7974",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7974"
    },
    {
      "name": "CVE-2015-8214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8214"
    },
    {
      "name": "CVE-2019-19299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19299"
    },
    {
      "name": "CVE-2020-28385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28385"
    },
    {
      "name": "CVE-2021-25678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25678"
    },
    {
      "name": "CVE-2020-7595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7595"
    },
    {
      "name": "CVE-2021-27393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27393"
    },
    {
      "name": "CVE-2020-25244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25244"
    },
    {
      "name": "CVE-2019-18340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18340"
    },
    {
      "name": "CVE-2021-25670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25670"
    },
    {
      "name": "CVE-2015-7979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7979"
    },
    {
      "name": "CVE-2015-7871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7871"
    },
    {
      "name": "CVE-2020-27738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27738"
    },
    {
      "name": "CVE-2019-19298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19298"
    },
    {
      "name": "CVE-2020-26997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26997"
    },
    {
      "name": "CVE-2019-19291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19291"
    },
    {
      "name": "CVE-2020-27737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27737"
    },
    {
      "name": "CVE-2019-19297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19297"
    },
    {
      "name": "CVE-2016-1548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1548"
    },
    {
      "name": "CVE-2021-25677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25677"
    },
    {
      "name": "CVE-2019-19296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19296"
    }
  ],
  "initial_release_date": "2021-04-14T00:00:00",
  "last_revision_date": "2021-04-14T00:00:00",
  "links": [],
  "reference": "CERTFR-2021-AVI-255",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-04-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-788287 du 13 avril 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-788287.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-248289 du 13 avril 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-853866 du 13 avril 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-853866.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-185699 du 13 avril 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-983300 du 13 avril 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-983300.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-844761 du 13 avril 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-844761.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-163226 du 13 avril 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-163226.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-763427 du 13 avril 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-763427.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-497656 du 13 avril 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-761617 du 13 avril 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761617.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-669158 du 13 avril 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-574442 du 13 avril 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-574442.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-705111 du 13 avril 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-292794 du 13 avril 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-761844 du 13 avril 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-761844.pdf"
    }
  ]
}

CERTFR-2021-AVI-854

Vulnerability from certfr_avis - Published: 2021-11-09 - Updated: 2021-11-09

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	Capital VSTAR versions incluant les modules DNS
Siemens	N/A	Nucleus Source Code toutes versions
Siemens	N/A	Mendix Applications using Mendix 9 toutes versions antérieures à V9.6.2
Siemens	N/A	Nucleus NET toutes versions
Siemens	N/A	SIMATIC WinCC V15 toutes versions
Siemens	N/A	SIMATIC WinCC V17 toutes versions
Siemens	N/A	SIMATIC WinCC OA V3.18 toutes versions
Siemens	N/A	NX 1980 Series toutes versions antérieures à V1984
Siemens	N/A	APOGEE MEC (PPC) (BACnet) toutes versions
Siemens	N/A	APOGEE PXC Compact (P2 Ethernet) toutes versions
Siemens	N/A	SIMATIC WinCC V7.5 toutes versions antérieures à V7.5 SP2 Update 5
Siemens	N/A	SIMATIC WinCC OA V3.17 toutes versions
Siemens	N/A	Climatix POL909 (AWM module) toutes versions antérieures à V11.34
Siemens	N/A	SCALANCE W1750D toutes versions antérieures à V8.7.1.3
Siemens	N/A	SIMATIC PCS 7 V9.0 toutes versions
Siemens	N/A	Siveillance Video DLNA Server 2021 R1
Siemens	N/A	SIMATIC PCS 7 V9.1 toutes versions
Siemens	N/A	Mendix Applications using Mendix 7 toutes versions antérieures à V7.23.26
Siemens	N/A	SIMATIC WinCC V7.4 toutes versions
Siemens	N/A	APOGEE PXC Modular (BACnet) toutes versions
Siemens	N/A	Nucleus Source Code versions incluant les modules DNS
Siemens	N/A	SIMATIC WinCC V16 toutes versions
Siemens	N/A	SIMATIC Information Server toutes versions >= V2019 SP1
Siemens	N/A	SICAM 230 toutes versions
Siemens	N/A	Nucleus ReadyStart V4 toutes versions antérieures à V4.1.1
Siemens	N/A	Mendix Applications using Mendix 8 toutes versions antérieures à V8.18.13
Siemens	N/A	APOGEE PXC Modular (P2 Ethernet) toutes versions
Siemens	N/A	Nucleus ReadyStart V3 toutes versions antérieures à V2017.02.4
Siemens	N/A	SIMATIC RTLS Locating Manager toutes versions antérieures à V2.12
Siemens	N/A	Siveillance Video DLNA Server 2020 R1, 2020 R2, 2020 R3
Siemens	N/A	Capital VSTAR toutes versions
Siemens	N/A	Siveillance Video DLNA Server 2019 R1, 2019 R2, 2019 R3
Siemens	N/A	Nucleus ReadyStart V3 toutes versions antérieures à V2013.08
Siemens	N/A	APOGEE MEC (PPC) (P2 Ethernet) toutes versions
Siemens	N/A	PSS(R)ODMS V12 toutes versions antérieures à V12.2.6.1
Siemens	N/A	Nucleus ReadyStart V3 toutes versions antérieures à V2012.12
Siemens	N/A	SENTRON powermanager V3 toutes versions
Siemens	N/A	APOGEE PXC Compact (BACnet) toutes versions
Siemens	N/A	TALON TC Compact (BACnet) toutes versions
Siemens	N/A	NX 1980 Series toutes versions antérieures à V1988
Siemens	N/A	PSS(R)E V34 toutes versions antérieures à V34.9.1
Siemens	N/A	APOGEE MBC (PPC) (P2 Ethernet) toutes versions
Siemens	N/A	NX 1953 Series toutes versions antérieures à V1973.3700
Siemens	N/A	APOGEE MBC (PPC) (BACnet) toutes versions
Siemens	N/A	PSS(R)E V35 toutes versions antérieures à V35.3.2
Siemens	N/A	SIMATIC PCS 7 V8.2 toutes versions
Siemens	N/A	TALON TC Modular (BACnet) toutes versions

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-248289 du 9 novembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-703715 du 9 novembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-840188 du 9 novembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-362164 du 9 novembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-044112 du 9 novembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-328042 du 9 novembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-917476 du 9 novembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-114589 du 9 novembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-201384 du 9 novembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-537983 du 9 novembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-779699 du 9 novembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-580693 du 9 novembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-185699 du 9 novembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-740908 du 9 novembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-145157 du 9 novembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-338732 du 9 novembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-755517 du 9 novembre 2021	None	vendor-advisory
Bulletin de sécurité Siemens ssa-705111 du 9 novembre 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Capital VSTAR versions incluant les modules DNS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Nucleus Source Code toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Mendix Applications using Mendix 9 toutes versions ant\u00e9rieures \u00e0 V9.6.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Nucleus NET toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC V15 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC V17 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC OA V3.18 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "NX 1980 Series toutes versions ant\u00e9rieures \u00e0 V1984",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "APOGEE MEC (PPC) (BACnet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "APOGEE PXC Compact (P2 Ethernet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC V7.5 toutes versions ant\u00e9rieures \u00e0 V7.5 SP2 Update 5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC OA V3.17 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Climatix POL909 (AWM module) toutes versions ant\u00e9rieures \u00e0 V11.34",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE W1750D toutes versions ant\u00e9rieures \u00e0 V8.7.1.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS 7 V9.0 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance Video DLNA Server 2021 R1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS 7 V9.1 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Mendix Applications using Mendix 7 toutes versions ant\u00e9rieures \u00e0 V7.23.26",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC V7.4 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "APOGEE PXC Modular (BACnet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Nucleus Source Code versions incluant les modules DNS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC V16 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC Information Server toutes versions \u003e= V2019 SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SICAM 230 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Nucleus ReadyStart V4 toutes versions ant\u00e9rieures \u00e0 V4.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Mendix Applications using Mendix 8 toutes versions ant\u00e9rieures \u00e0 V8.18.13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "APOGEE PXC Modular (P2 Ethernet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Nucleus ReadyStart V3 toutes versions ant\u00e9rieures \u00e0 V2017.02.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC RTLS Locating Manager toutes versions ant\u00e9rieures \u00e0 V2.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance Video DLNA Server 2020 R1, 2020 R2, 2020 R3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Capital VSTAR toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Siveillance Video DLNA Server 2019 R1, 2019 R2, 2019 R3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Nucleus ReadyStart V3 toutes versions ant\u00e9rieures \u00e0 V2013.08",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "APOGEE MEC (PPC) (P2 Ethernet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "PSS(R)ODMS V12 toutes versions ant\u00e9rieures \u00e0 V12.2.6.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Nucleus ReadyStart V3 toutes versions ant\u00e9rieures \u00e0 V2012.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SENTRON powermanager V3 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "APOGEE PXC Compact (BACnet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "TALON TC Compact (BACnet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "NX 1980 Series toutes versions ant\u00e9rieures \u00e0 V1988",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "PSS(R)E V34 toutes versions ant\u00e9rieures \u00e0 V34.9.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "APOGEE MBC (PPC) (P2 Ethernet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "NX 1953 Series toutes versions ant\u00e9rieures \u00e0 V1973.3700",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "APOGEE MBC (PPC) (BACnet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "PSS(R)E V35 toutes versions ant\u00e9rieures \u00e0 V35.3.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS 7 V8.2 toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "TALON TC Modular (BACnet) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-27009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27009"
    },
    {
      "name": "CVE-2021-31881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31881"
    },
    {
      "name": "CVE-2020-28388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-28388"
    },
    {
      "name": "CVE-2021-42026",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42026"
    },
    {
      "name": "CVE-2021-37734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37734"
    },
    {
      "name": "CVE-2021-42025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42025"
    },
    {
      "name": "CVE-2021-37732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37732"
    },
    {
      "name": "CVE-2021-31888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31888"
    },
    {
      "name": "CVE-2020-27736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27736"
    },
    {
      "name": "CVE-2021-31885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31885"
    },
    {
      "name": "CVE-2021-31887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31887"
    },
    {
      "name": "CVE-2020-10053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10053"
    },
    {
      "name": "CVE-2021-37735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37735"
    },
    {
      "name": "CVE-2021-41533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41533"
    },
    {
      "name": "CVE-2021-25663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25663"
    },
    {
      "name": "CVE-2021-31884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31884"
    },
    {
      "name": "CVE-2021-42015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42015"
    },
    {
      "name": "CVE-2021-40366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-40366"
    },
    {
      "name": "CVE-2020-15795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15795"
    },
    {
      "name": "CVE-2021-31882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31882"
    },
    {
      "name": "CVE-2021-25664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25664"
    },
    {
      "name": "CVE-2021-41057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41057"
    },
    {
      "name": "CVE-2021-37207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37207"
    },
    {
      "name": "CVE-2021-40358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-40358"
    },
    {
      "name": "CVE-2020-10052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10052"
    },
    {
      "name": "CVE-2021-37726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37726"
    },
    {
      "name": "CVE-2020-10054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10054"
    },
    {
      "name": "CVE-2021-41535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41535"
    },
    {
      "name": "CVE-2021-37727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37727"
    },
    {
      "name": "CVE-2021-27393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27393"
    },
    {
      "name": "CVE-2021-31346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31346"
    },
    {
      "name": "CVE-2021-40364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-40364"
    },
    {
      "name": "CVE-2020-27738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27738"
    },
    {
      "name": "CVE-2021-31889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31889"
    },
    {
      "name": "CVE-2021-42021",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-42021"
    },
    {
      "name": "CVE-2021-31883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31883"
    },
    {
      "name": "CVE-2021-41538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41538"
    },
    {
      "name": "CVE-2021-40359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-40359"
    },
    {
      "name": "CVE-2021-31886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31886"
    },
    {
      "name": "CVE-2021-41534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-41534"
    },
    {
      "name": "CVE-2021-31890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31890"
    },
    {
      "name": "CVE-2021-37730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37730"
    },
    {
      "name": "CVE-2021-31345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31345"
    },
    {
      "name": "CVE-2020-27737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-27737"
    },
    {
      "name": "CVE-2021-31344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31344"
    },
    {
      "name": "CVE-2021-25677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-25677"
    }
  ],
  "initial_release_date": "2021-11-09T00:00:00",
  "last_revision_date": "2021-11-09T00:00:00",
  "links": [],
  "reference": "CERTFR-2021-AVI-854",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-11-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-248289 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-248289.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-703715 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-703715.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-840188 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-362164 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-044112 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-044112.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-328042 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-328042.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-917476 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-114589 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-201384 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-201384.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-537983 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-537983.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-779699 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-779699.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-580693 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-580693.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-185699 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-740908 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-740908.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-145157 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-145157.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-338732 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-338732.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-755517 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-755517.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-705111 du 9 novembre 2021",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
    }
  ]
}

GHSA-J94W-W786-MV9M

Vulnerability from github – Published: 2022-05-24 17:48 – Updated: 2022-05-24 17:48

Details

A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions < V2017.02.3), Nucleus Source Code (versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), VSTAR (versions including affected DNS modules). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure.

Severity ?

6.5 (Medium)


                  
                    CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-27737"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-04-22T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been identified in Nucleus 4 (All versions \u003c V4.1.0), Nucleus NET (All versions), Nucleus RTOS (versions including affected DNS modules), Nucleus ReadyStart (All versions \u003c V2017.02.3), Nucleus Source Code (versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), VSTAR (versions including affected DNS modules). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure.",
  "id": "GHSA-j94w-w786-mv9m",
  "modified": "2022-05-24T17:48:18Z",
  "published": "2022-05-24T17:48:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27737"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2021-28706

Vulnerability from cnvd - Published: 2021-04-15

Title

Siemens SIMOTICS CONNECT 400越界读取漏洞

Description

SIMOTICS CONNECT 400是一个连接器和传感器盒，安装在低压电机上，为MindSphere应用程序SIDRIVE IQ Fleet提供分析数据。 Siemens SIMOTICS CONNECT 400存在越界读取漏洞。攻击者可利用漏洞造成拒绝服务情况，或通过分配的结构泄露内存。

Severity

中

Patch Name

Siemens SIMOTICS CONNECT 400越界读取漏洞的补丁

Patch Description

SIMOTICS CONNECT 400是一个连接器和传感器盒，安装在低压电机上，为MindSphere应用程序SIDRIVE IQ Fleet提供分析数据。 Siemens SIMOTICS CONNECT 400存在越界读取漏洞。攻击者可利用漏洞造成拒绝服务情况，或通过分配的结构泄露内存。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下供应商提供的安全公告获得补丁信息： https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf

Reference

https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf

Impacted products

Name
Siemens SIMOTICS CONNECT 400 < V0.5.0.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-27737"
    }
  },
  "description": "SIMOTICS CONNECT 400\u662f\u4e00\u4e2a\u8fde\u63a5\u5668\u548c\u4f20\u611f\u5668\u76d2\uff0c\u5b89\u88c5\u5728\u4f4e\u538b\u7535\u673a\u4e0a\uff0c\u4e3aMindSphere\u5e94\u7528\u7a0b\u5e8fSIDRIVE IQ Fleet\u63d0\u4f9b\u5206\u6790\u6570\u636e\u3002\n\nSiemens SIMOTICS CONNECT 400\u5b58\u5728\u8d8a\u754c\u8bfb\u53d6\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u60c5\u51b5\uff0c\u6216\u901a\u8fc7\u5206\u914d\u7684\u7ed3\u6784\u6cc4\u9732\u5185\u5b58\u3002",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-28706",
  "openTime": "2021-04-15",
  "patchDescription": "SIMOTICS CONNECT 400\u662f\u4e00\u4e2a\u8fde\u63a5\u5668\u548c\u4f20\u611f\u5668\u76d2\uff0c\u5b89\u88c5\u5728\u4f4e\u538b\u7535\u673a\u4e0a\uff0c\u4e3aMindSphere\u5e94\u7528\u7a0b\u5e8fSIDRIVE IQ Fleet\u63d0\u4f9b\u5206\u6790\u6570\u636e\u3002\r\n\r\nSiemens SIMOTICS CONNECT 400\u5b58\u5728\u8d8a\u754c\u8bfb\u53d6\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u60c5\u51b5\uff0c\u6216\u901a\u8fc7\u5206\u914d\u7684\u7ed3\u6784\u6cc4\u9732\u5185\u5b58\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Siemens SIMOTICS CONNECT 400\u8d8a\u754c\u8bfb\u53d6\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Siemens SIMOTICS CONNECT 400 \u003c V0.5.0.0"
  },
  "referenceLink": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf",
  "serverity": "\u4e2d",
  "submitTime": "2021-04-15",
  "title": "Siemens SIMOTICS CONNECT 400\u8d8a\u754c\u8bfb\u53d6\u6f0f\u6d1e"
}

FKIE_CVE-2020-27737

Vulnerability from fkie_nvd - Published: 2021-04-22 21:15 - Updated: 2024-11-21 05:21

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

Summary

References

URL	Tags
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf	Patch, Vendor Advisory
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	simotics_connect_400_firmware	*
siemens	simotics_connect_400	-
siemens	nucleus_net	*
siemens	nucleus_readystart_v3	*
siemens	nucleus_readystart_v4	*
siemens	nucleus_source_code	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simotics_connect_400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F02FDCB9-0149-4EFA-9DBA-045C4AD84EC0",
              "versionEndExcluding": "0.5.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simotics_connect_400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "48BFF9EF-D1C1-4107-8D1E-51315C03FFF0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:nucleus_net:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A987CFB-4A41-4F82-8C7F-31DE8F0650DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:nucleus_readystart_v3:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC33F30E-EEA1-452E-8EFE-28ADA88E3F56",
              "versionEndExcluding": "2017.02.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:nucleus_readystart_v4:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B35FDE44-BE25-431D-B2EE-195ACC5A606C",
              "versionEndExcluding": "4.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:nucleus_source_code:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53A38C64-612A-4BC5-83D5-D3FA1C90E0F7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.20), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus ReadyStart V4 (All versions \u003c V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), TALON TC Compact (BACnet) (All versions \u003c V3.5.5), TALON TC Modular (BACnet) (All versions \u003c V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition  or leak the memory past the allocated structure."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en Nucleus NET (Todas las versiones), Nucleus ReadyStart V3 (Todas las versiones anteriores a la versi\u00f3n V2017.02.3), Nucleus ReadyStart V4 (Todas las versiones anteriores a la versi\u00f3n V4.1.0), Nucleus Source Code (Versiones que incluyen los m\u00f3dulos DNS afectados), SIMOTICS CONNECT 400 (Todas las versiones anteriores a la versi\u00f3n V0.5.0.0). La funcionalidad de an\u00e1lisis de la respuesta DNS no valida correctamente varias longitudes y recuentos de los registros. El an\u00e1lisis sint\u00e1ctico de respuestas malformadas podr\u00eda dar lugar a una lectura m\u00e1s all\u00e1 del final de una estructura asignada. Un atacante con una posici\u00f3n privilegiada en la red podr\u00eda aprovechar esta vulnerabilidad para causar una condici\u00f3n de denegaci\u00f3n de servicio o filtrar la memoria m\u00e1s all\u00e1 de la estructura asignada"
    }
  ],
  "id": "CVE-2020-27737",
  "lastModified": "2024-11-21T05:21:43.447",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.2,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-04-22T21:15:09.280",
  "references": [
    {
      "source": "productcert@siemens.com",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2020-27737

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2020-27737

Aliases

CVE-2020-27737

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-27737",
    "description": "A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus ReadyStart V4 (All versions \u003c V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure.",
    "id": "GSD-2020-27737"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-27737"
      ],
      "details": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.20), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus ReadyStart V4 (All versions \u003c V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), TALON TC Compact (BACnet) (All versions \u003c V3.5.5), TALON TC Modular (BACnet) (All versions \u003c V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition  or leak the memory past the allocated structure.",
      "id": "GSD-2020-27737",
      "modified": "2023-12-13T01:22:11.422881Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "productcert@siemens.com",
        "ID": "CVE-2020-27737",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "APOGEE PXC Compact (BACnet)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V3.5.5"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "APOGEE PXC Compact (P2 Ethernet)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V2.8.20"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "APOGEE PXC Modular (BACnet)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V3.5.5"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "APOGEE PXC Modular (P2 Ethernet)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V2.8.20"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Nucleus NET",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Nucleus ReadyStart V3",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V2017.02.3"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Nucleus ReadyStart V4",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V4.1.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Nucleus Source Code",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "Versions including affected DNS modules"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SIMOTICS CONNECT 400",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V0.5.0.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "TALON TC Compact (BACnet)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V3.5.5"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "TALON TC Modular (BACnet)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "All versions \u003c V3.5.5"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Siemens"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.20), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus ReadyStart V4 (All versions \u003c V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), TALON TC Compact (BACnet) (All versions \u003c V3.5.5), TALON TC Modular (BACnet) (All versions \u003c V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition  or leak the memory past the allocated structure."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-125",
                "lang": "eng",
                "value": "CWE-125: Out-of-bounds Read"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf",
            "refsource": "MISC",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
          },
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf",
            "refsource": "MISC",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
          },
          {
            "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf",
            "refsource": "MISC",
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:siemens:simotics_connect_400_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "0.5.0.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:siemens:simotics_connect_400:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:nucleus_net:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:nucleus_source_code:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:nucleus_readystart_v3:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2017.02.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:nucleus_readystart_v4:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.1.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2020-27737"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions \u003c V2.8.20), APOGEE PXC Modular (BACnet) (All versions \u003c V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions \u003c V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions \u003c V2017.02.3), Nucleus ReadyStart V4 (All versions \u003c V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions \u003c V0.5.0.0), TALON TC Compact (BACnet) (All versions \u003c V3.5.5), TALON TC Modular (BACnet) (All versions \u003c V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition  or leak the memory past the allocated structure."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-125"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf",
              "refsource": "MISC",
              "tags": [],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.2,
          "impactScore": 4.2
        }
      },
      "lastModifiedDate": "2023-08-08T10:15Z",
      "publishedDate": "2021-04-22T21:15Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-27737 (GCVE-0-2020-27737)

Solution

Solution

Solution

Tags

Sightings

Nomenclature