Sign-up

ID

VAR-201407-0605


CVE

CVE-2014-4685


TITLE

Siemens SIMATIC PCS 7 Used in products such as SIMATIC WinCC Vulnerability gained in

Trust: 0.8

sources: JVNDB: JVNDB-2014-003568

DESCRIPTION

Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows local users to gain privileges by leveraging weak system-object access control. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A number of Siemens products have local privilege escalation vulnerabilities that allow an attacker to exploit vulnerabilities to escalate permissions on affected computers. Siemens SIMATIC WinCC and PCS 7 are prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges on affected computers. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). The system provides process monitoring, data acquisition and other functions. A security vulnerability exists in versions prior to Siemens SIMATIC WinCC 7.3 used by PCS7 and other products

Trust: 3.06

sources: NVD: CVE-2014-4685 // JVNDB: JVNDB-2014-003568 // CNVD: CNVD-2014-04695 // BID: 68872 // IVD: 7d76ea61-463f-11e9-a2da-000c29342cb1 // IVD: e2d14a5e-2351-11e6-abef-000c29c66e3d // IVD: d7eabc36-02a7-4430-8646-7d7359179ce3 // VULHUB: VHN-72626

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.2

sources: IVD: 7d76ea61-463f-11e9-a2da-000c29342cb1 // IVD: e2d14a5e-2351-11e6-abef-000c29c66e3d // IVD: d7eabc36-02a7-4430-8646-7d7359179ce3 // CNVD: CNVD-2014-04695

AFFECTED PRODUCTS

vendor:winccmodel: - scope:eqversion:6.0

Trust: 2.4

vendor:winccmodel: - scope:eqversion:7.0

Trust: 2.4

vendor:siemensmodel:winccscope:eqversion:6.0

Trust: 1.6

vendor:siemensmodel:winccscope:eqversion:7.1

Trust: 1.6

vendor:siemensmodel:simatic pcs7scope:eqversion:8.0

Trust: 1.6

vendor:siemensmodel:winccscope:eqversion:7.0

Trust: 1.6

vendor:siemensmodel:simatic winccscope:ltversion:7.3

Trust: 1.4

vendor:winccmodel: - scope:eqversion:5.0

Trust: 1.2

vendor:winccmodel: - scope:eqversion:7.1

Trust: 1.2

vendor:siemensmodel:winccscope:eqversion:5.0

Trust: 1.0

vendor:siemensmodel:simatic pcs7scope:eqversion:7.1

Trust: 1.0

vendor:siemensmodel:simatic pcs7scope:lteversion:8.0

Trust: 1.0

vendor:siemensmodel:winccscope:lteversion:7.2

Trust: 1.0

vendor:siemensmodel:simatic pcs 7scope:ltversion:8.1

Trust: 0.8

vendor:simatic pcs7model: - scope:eqversion:7.1

Trust: 0.6

vendor:simatic pcs7model: - scope:eqversion:8.0

Trust: 0.6

vendor:simatic pcs7model: - scope:eqversion:*

Trust: 0.6

vendor:winccmodel: - scope:eqversion:*

Trust: 0.6

vendor:siemensmodel:pcs7scope: - version: -

Trust: 0.6

vendor:siemensmodel:winccscope:eqversion:7.2

Trust: 0.6

sources: IVD: 7d76ea61-463f-11e9-a2da-000c29342cb1 // IVD: e2d14a5e-2351-11e6-abef-000c29c66e3d // IVD: d7eabc36-02a7-4430-8646-7d7359179ce3 // CNVD: CNVD-2014-04695 // JVNDB: JVNDB-2014-003568 // CNNVD: CNNVD-201407-605 // NVD: CVE-2014-4685

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-4685
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-4685
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2014-04695
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201407-605
value: MEDIUM

Trust: 0.6

IVD: 7d76ea61-463f-11e9-a2da-000c29342cb1
value: MEDIUM

Trust: 0.2

IVD: e2d14a5e-2351-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: d7eabc36-02a7-4430-8646-7d7359179ce3
value: MEDIUM

Trust: 0.2

VULHUB: VHN-72626
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-4685
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-04695
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 7d76ea61-463f-11e9-a2da-000c29342cb1
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: e2d14a5e-2351-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: d7eabc36-02a7-4430-8646-7d7359179ce3
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-72626
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 7d76ea61-463f-11e9-a2da-000c29342cb1 // IVD: e2d14a5e-2351-11e6-abef-000c29c66e3d // IVD: d7eabc36-02a7-4430-8646-7d7359179ce3 // CNVD: CNVD-2014-04695 // VULHUB: VHN-72626 // JVNDB: JVNDB-2014-003568 // CNNVD: CNNVD-201407-605 // NVD: CVE-2014-4685

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-72626 // JVNDB: JVNDB-2014-003568 // NVD: CVE-2014-4685

THREAT TYPE

local

Trust: 0.9

sources: BID: 68872 // CNNVD: CNNVD-201407-605

TYPE

Permission permission and access control

Trust: 0.6

sources: IVD: 7d76ea61-463f-11e9-a2da-000c29342cb1 // IVD: e2d14a5e-2351-11e6-abef-000c29c66e3d // IVD: d7eabc36-02a7-4430-8646-7d7359179ce3

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-003568

PATCH
title:SSA-214365url:http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf
Trust: 0.8
title:A patch for Siemens' local product privilege escalation vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/47934
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-04695 // 
            
            
            
            JVNDB: JVNDB-2014-003568

EXTERNAL IDS
db:NVDid:CVE-2014-4685
Trust: 4.1
db:SIEMENSid:SSA-214365
Trust: 2.0
db:CNNVDid:CNNVD-201407-605
Trust: 1.3
db:CNVDid:CNVD-2014-04695
Trust: 1.2
db:ICS CERTid:ICSA-14-205-02
Trust: 1.1
db:BIDid:68872
Trust: 1.0
db:JVNDBid:JVNDB-2014-003568
Trust: 0.8
db:SECUNIAid:60392
Trust: 0.6
db:SECUNIAid:60388
Trust: 0.6
db:IVDid:7D76EA61-463F-11E9-A2DA-000C29342CB1
Trust: 0.2
db:IVDid:E2D14A5E-2351-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:IVDid:D7EABC36-02A7-4430-8646-7D7359179CE3
Trust: 0.2
db:VULHUBid:VHN-72626
Trust: 0.1
db:PACKETSTORMid:127660
Trust: 0.1
sources:
            
            
            IVD: 7d76ea61-463f-11e9-a2da-000c29342cb1 // 
            
            
            
            IVD: e2d14a5e-2351-11e6-abef-000c29c66e3d // 
            
            
            
            IVD: d7eabc36-02a7-4430-8646-7d7359179ce3 // 
            
            
            
            CNVD: CNVD-2014-04695 // 
            
            
            
            VULHUB: VHN-72626 // 
            
            
            
            BID: 68872 // 
            
            
            
            JVNDB: JVNDB-2014-003568 // 
            
            
            
            PACKETSTORM: 127660 // 
            
            
            
            CNNVD: CNNVD-201407-605 // 
            
            
            
            NVD: CVE-2014-4685

REFERENCES
url:http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf
Trust: 2.0
url:https://ics-cert.us-cert.gov/advisories/icsa-14-205-02
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4685
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4685
Trust: 0.8
url:http://www.securityfocus.com/bid/68872/info
Trust: 0.6
url:http://secunia.com/advisories/60388
Trust: 0.6
url:http://secunia.com/advisories/60392
Trust: 0.6
url:http://www.siemens.com/
Trust: 0.3
url:http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2014-4684
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-4683
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-4685
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-4686
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-4682
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-04695 // 
            
            
            
            VULHUB: VHN-72626 // 
            
            
            
            BID: 68872 // 
            
            
            
            JVNDB: JVNDB-2014-003568 // 
            
            
            
            PACKETSTORM: 127660 // 
            
            
            
            CNNVD: CNNVD-201407-605 // 
            
            
            
            NVD: CVE-2014-4685

CREDITS
Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai
from Positive Technologies
Trust: 0.3
sources:
            
            
            BID: 68872

SOURCES
db:IVDid:7d76ea61-463f-11e9-a2da-000c29342cb1
db:IVDid:e2d14a5e-2351-11e6-abef-000c29c66e3d
db:IVDid:d7eabc36-02a7-4430-8646-7d7359179ce3
db:CNVDid:CNVD-2014-04695
db:VULHUBid:VHN-72626
db:BIDid:68872
db:JVNDBid:JVNDB-2014-003568
db:PACKETSTORMid:127660
db:CNNVDid:CNNVD-201407-605
db:NVDid:CVE-2014-4685

LAST UPDATE DATE
2024-08-14T13:34:53.266000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-04695date:2014-07-30T00:00:00
db:VULHUBid:VHN-72626date:2014-07-25T00:00:00
db:BIDid:68872date:2015-03-19T09:46:00
db:JVNDBid:JVNDB-2014-003568date:2014-08-05T00:00:00
db:CNNVDid:CNNVD-201407-605date:2014-07-25T00:00:00
db:NVDid:CVE-2014-4685date:2014-07-25T14:49:24.540

SOURCES RELEASE DATE
db:IVDid:7d76ea61-463f-11e9-a2da-000c29342cb1date:2014-07-30T00:00:00
db:IVDid:e2d14a5e-2351-11e6-abef-000c29c66e3ddate:2014-07-30T00:00:00
db:IVDid:d7eabc36-02a7-4430-8646-7d7359179ce3date:2014-07-30T00:00:00
db:CNVDid:CNVD-2014-04695date:2014-07-29T00:00:00
db:VULHUBid:VHN-72626date:2014-07-24T00:00:00
db:BIDid:68872date:2014-07-23T00:00:00
db:JVNDBid:JVNDB-2014-003568date:2014-07-28T00:00:00
db:PACKETSTORMid:127660date:2014-07-29T22:37:22
db:CNNVDid:CNNVD-201407-605date:2014-07-25T00:00:00
db:NVDid:CVE-2014-4685date:2014-07-24T14:55:08.143