exploitDog

CVE-2019-10935

Published: Jul 11, 2019
Source: nvd
CVSS3: 7.2
CVSS2: 6.5
EPSS: Low

Description

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions < V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). The SIMATIC WinCC DataMonitor web application of the affected products allows to upload arbitrary ASPX c

Vulnerable configurations

Configuration 1

One of

cpe:2.3:a:siemens:simatic_pcs_7:8.0:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:8.1:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:8.2:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:9.0:*:*:*:*:*:*:*

Configuration 2

One of

cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*
Versions up to 7.2 (inclusive)
cpe:2.3:a:siemens:simatic_wincc:7.3:-:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.3:update_1:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.3:update_10:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.3:update_11:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.3:update_13:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.3:update_4:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.4:update_1:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.5:*:*:*:*:*:*:*

Configuration 3

One of

cpe:2.3:a:siemens:simatic_wincc:13:-:*:*:professional:*:*:*
cpe:2.3:a:siemens:simatic_wincc:13:sp2:*:*:professional:*:*:*
cpe:2.3:a:siemens:simatic_wincc:14:*:*:*:professional:*:*:*
cpe:2.3:a:siemens:simatic_wincc:14:-:*:*:professional:*:*:*
cpe:2.3:a:siemens:simatic_wincc:14:sp1:*:*:professional:*:*:*
cpe:2.3:a:siemens:simatic_wincc:15:*:*:*:professional:*:*:*

Configuration 4

One of

cpe:2.3:a:siemens:simatic_wincc_runtime:13:*:*:*:professional:*:*:*
cpe:2.3:a:siemens:simatic_wincc_runtime:13:-:*:*:professional:*:*:*
cpe:2.3:a:siemens:simatic_wincc_runtime:13:sp1:update_2:*:professional:*:*:*
cpe:2.3:a:siemens:simatic_wincc_runtime:13:sp1:update_9:*:professional:*:*:*
cpe:2.3:a:siemens:simatic_wincc_runtime:13:sp2:*:*:professional:*:*:*
cpe:2.3:a:siemens:simatic_wincc_runtime:14:-:*:*:professional:*:*:*
cpe:2.3:a:siemens:simatic_wincc_runtime:14:sp1:*:*:professional:*:*:*
cpe:2.3:a:siemens:simatic_wincc_runtime:15:-:*:*:professional:*:*:*
cpe:2.3:a:siemens:simatic_wincc_runtime:15:update_4:*:*:professional:*:*:*
cpe:2.3:a:siemens:simatic_wincc_runtime:15.1:-:*:*:professional:*:*:*
cpe:2.3:a:siemens:simatic_wincc_runtime:15.1:update_1:*:*:professional:*:*:*

EPSS

Percentile: 66%
0.00517
Low

7.2 High

CVSS3

6.5 Medium

CVSS2

Weaknesses

CWE-434

Related vulnerabilities

CVSS3: 7.2
github
more than 3 years ago

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions), SIMATIC WinCC Professional (TIA Portal V15) (All versions), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions), SIMATIC WinCC Runtime Professional V15 (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). The SIMATIC WinCC DataMonitor web application of the affected products allows to upload arbitrary ASPX code. The security vulnerability could be exploited by an authenticated attacker with network access ...

CVSS3: 7.2
fstec
more than 6 years ago

A vulnerability in the SIMATIC WinCC DataMonitor web application, related to insufficient validation of input data, that allows an attacker to upload arbitrary ASPX code