CVE-2020-7580
https://notcve.org/view.php?id=CVE-2020-7580
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges. Se ha identificado una vulnerabilidad en SIMATIC Automation Tool (Todas las versiones anteriores a la versión V4 SP2), SIMATIC NET PC Software V14 (Todas las versiones anteriores a la versión V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones), SIMATIC NET PC Software V16 (Todas las versiones anteriores a la versión V16 Upd3), SIMATIC PCS neo (Todas las versiones anteriores a la versión V3.0 SP1), SIMATIC ProSave (Todas las versiones anteriores a la versión V17), SIMATIC S7-1500 Software Controller (Todas las versiones anteriores a la versión V21. 8), SIMATIC STEP 7 (Todas las versiones anteriores a la versión V5.6 SP2 HF3), SIMATIC STEP 7 (TIA Portal) V13 (Todas las versiones anteriores a la versión V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (Todas las versiones anteriores a la versión V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (Todas las versiones anteriores a la versión V15. 1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (Todas las versiones anteriores a la versión V16 Update 2), SIMATIC WinCC OA V3.16 (Todas las versiones anteriores a la versión V3.16 P018), SIMATIC WinCC OA V3. 17 (Todas las versiones anteriores a la versión V3.17 P003), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a la versión V16 Update 2), SIMATIC WinCC Runtime Professional V13 (Todas las versiones anteriores a la versión V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (Todas las versiones anteriores a la versión V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (Todas las versiones anteriores a la versión V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (Todas las versiones anteriores a la versión V16 Update 2), SIMATIC WinCC V7. 4 (Todas las versiones anteriores a la versión V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (Todas las versiones anteriores a la versión V7.5 SP1 Update 3), SINAMICS STARTER (Todas las versiones anteriores a la versión V5.4 HF2), SINAMICS Startdrive (Todas las versiones anteriores a la versión V16 Update 3), SINEC NMS (Todas las versiones anteriores a la versión V1. 0 SP2), SINEMA Server (Todas las versiones anteriores a la versión V14 SP3), SINUMERIK ONE virtual (Todas las versiones anteriores a la versión V6.14), SINUMERIK Operate (Todas las versiones anteriores a la versión V6.14). Un componente dentro de la aplicación afectada llama regularmente a un binario de ayuda con privilegios de SISTEMA mientras la ruta de llamada no está citada • https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04 • CWE-428: Unquoted Search Path or Element •
CVE-2019-10929
https://notcve.org/view.php?id=CVE-2019-10929
A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC STEP 7 (TIA Portal) (All versions < V16), SIMATIC WinCC (TIA Portal) (All versions < V16), SIMATIC WinCC OA (All versions < V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions < V16), SIMATIC WinCC Runtime Professional (All versions < V16), TIM 1531 IRC (incl. • https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf https://www.us-cert.gov/ics/advisories/icsa-19-344-04 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2019-10935
https://notcve.org/view.php?id=CVE-2019-10935
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions < V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). The SIMATIC WinCC DataMonitor web application of the affected products allows to upload arbitrary ASPX code. The security vulnerability could be exploited by an authenticated attacker with network access to the WinCC DataMonitor application. No user interaction is required to exploit this vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the affected device. • https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2019-10916
https://notcve.org/view.php?id=CVE-2019-10916
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server. The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. • https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf https://www.us-cert.gov/ics/advisories/ICSA-19-134-08 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2019-6576
https://notcve.org/view.php?id=CVE-2019-6576
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. • http://www.securityfocus.com/bid/108412 https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf https://www.us-cert.gov/ics/advisories/ICSA-19-134-09 • CWE-310: Cryptographic Issues •