CVE-2020-7592
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability has been identified in SIMATIC HMI Basic Panels 1st Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC HMI KTP700F Mobile Arctic (All versions), SIMATIC HMI Mobile Panels 2nd Generation (All versions), SIMATIC WinCC Runtime Advanced (All versions). Unencrypted communication between the configuration software and the respective device could allow an attacker to capture potential plain text communication and have access to sensitive information.
Se ha identificado una vulnerabilidad en SIMATIC HMI Basic Panels 1st Generation (incluyendo las variantes SIPLUS) (Todas las versiones), SIMATIC HMI Basic Panels 2nd Generation (incluyendo las variantes SIPLUS) (Todas las versiones), SIMATIC HMI Comfort Panels (incluyendo las variantes SIPLUS) (Todas las versiones), SIMATIC HMI KTP700F Mobile Arctic (Todas las versiones), SIMATIC HMI Mobile Panels 2nd Generation (Todas las versiones), SIMATIC WinCC Runtime Advanced (Todas las versiones). Una comunicación no cifrada entre el software de configuración y el dispositivo respectivo podría permitir a un atacante capturar la comunicación potencial de texto plano y tener acceso a información confidencial
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-01-21 CVE Reserved
- 2020-07-14 CVE Published
- 2023-03-30 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-319: Cleartext Transmission of Sensitive Information
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://us-cert.cisa.gov/ics/advisories/icsa-20-196-04 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-364335.pdf | 2020-07-22 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Siemens Search vendor "Siemens" | Simatic Hmi Comfort Panels Firmware Search vendor "Siemens" for product "Simatic Hmi Comfort Panels Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Hmi Comfort Panels Search vendor "Siemens" for product "Simatic Hmi Comfort Panels" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Hmi Ktp700f Mobile Arctic Firmware Search vendor "Siemens" for product "Simatic Hmi Ktp700f Mobile Arctic Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Hmi Ktp700f Mobile Arctic Search vendor "Siemens" for product "Simatic Hmi Ktp700f Mobile Arctic" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Hmi Mobile Panels 2nd Generation Firmware Search vendor "Siemens" for product "Simatic Hmi Mobile Panels 2nd Generation Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Hmi Mobile Panels 2nd Generation Search vendor "Siemens" for product "Simatic Hmi Mobile Panels 2nd Generation" | - | - |
Safe
|
| Siemens Search vendor "Siemens" | Simatic Hmi Basic Panels 1st Generation Search vendor "Siemens" for product "Simatic Hmi Basic Panels 1st Generation" | * | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Simatic Hmi Basic Panels 2nd Generation Search vendor "Siemens" for product "Simatic Hmi Basic Panels 2nd Generation" | * | - |
Affected
| ||||||
| Siemens Search vendor "Siemens" | Simatic Wincc Runtime Advanced Search vendor "Siemens" for product "Simatic Wincc Runtime Advanced" | * | - |
Affected
| ||||||