Sign-up

ID

VAR-201504-0234


CVE

CVE-2015-2822


TITLE

Siemens SIMATIC HMI Comfort Panels and SIMATIC WinCC Runtime Advanced Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-002125

DESCRIPTION

Siemens SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2 and SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2 allow man-in-the-middle attackers to cause a denial of service via crafted packets on TCP port 102. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. A port that can cause a denial of service attack. Multiple Siemens SIMATIC products are prone to a denial-of-service vulnerability. Remote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate users. Siemens SIMATIC HMI Comfort Panels and SIMATIC WinCC Runtime Advanced are HMI software for controlling and monitoring machines and equipment from Siemens, Germany

Trust: 2.88

sources: NVD: CVE-2015-2822 // JVNDB: JVNDB-2015-002125 // CNVD: CNVD-2015-02292 // BID: 74028 // IVD: 984ee090-2351-11e6-abef-000c29c66e3d // IVD: cda955ed-285a-41f6-a455-3a71c5e4729a // VULHUB: VHN-80783

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.0

sources: IVD: 984ee090-2351-11e6-abef-000c29c66e3d // IVD: cda955ed-285a-41f6-a455-3a71c5e4729a // CNVD: CNVD-2015-02292

AFFECTED PRODUCTS

vendor:siemensmodel:winccscope:lteversion:13.0

Trust: 1.0

vendor:winccmodel: - scope:eqversion:*

Trust: 0.8

vendor:siemensmodel:simatic hmi comfort panelsscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic winccscope:ltversion:runtime advanced 13 sp1 upd2

Trust: 0.8

vendor:siemensmodel:simatic hmi comfort panels before wincc sp1 upd2scope:eqversion:13

Trust: 0.6

vendor:siemensmodel:simatic wincc runtime advanced sp1 upd2scope:eqversion:13

Trust: 0.6

vendor:siemensmodel:winccscope:eqversion:13.0

Trust: 0.6

sources: IVD: 984ee090-2351-11e6-abef-000c29c66e3d // IVD: cda955ed-285a-41f6-a455-3a71c5e4729a // CNVD: CNVD-2015-02292 // JVNDB: JVNDB-2015-002125 // CNNVD: CNNVD-201504-096 // NVD: CVE-2015-2822

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-2822
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-2822
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2015-02292
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201504-096
value: MEDIUM

Trust: 0.6

IVD: 984ee090-2351-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: cda955ed-285a-41f6-a455-3a71c5e4729a
value: MEDIUM

Trust: 0.2

VULHUB: VHN-80783
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-2822
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2015-02292
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 984ee090-2351-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: cda955ed-285a-41f6-a455-3a71c5e4729a
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-80783
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 984ee090-2351-11e6-abef-000c29c66e3d // IVD: cda955ed-285a-41f6-a455-3a71c5e4729a // CNVD: CNVD-2015-02292 // VULHUB: VHN-80783 // JVNDB: JVNDB-2015-002125 // CNNVD: CNNVD-201504-096 // NVD: CVE-2015-2822

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-80783 // JVNDB: JVNDB-2015-002125 // NVD: CVE-2015-2822

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201504-096

TYPE

Input validation

Trust: 1.0

sources: IVD: 984ee090-2351-11e6-abef-000c29c66e3d // IVD: cda955ed-285a-41f6-a455-3a71c5e4729a // CNNVD: CNNVD-201504-096

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-002125

PATCH
title:SSA-487246url:http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf
Trust: 0.8
title:Patch for Siemens SIMATIC and SIMATIC WinCC HMI Comfort Panels denial of service vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/57131
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2015-02292 // 
            
            
            
            JVNDB: JVNDB-2015-002125

EXTERNAL IDS
db:NVDid:CVE-2015-2822
Trust: 3.8
db:BIDid:74028
Trust: 2.0
db:SIEMENSid:SSA-487246
Trust: 1.7
db:CNNVDid:CNNVD-201504-096
Trust: 1.1
db:CNVDid:CNVD-2015-02292
Trust: 1.0
db:ICS CERTid:ICSA-15-099-01
Trust: 0.8
db:JVNDBid:JVNDB-2015-002125
Trust: 0.8
db:IVDid:984EE090-2351-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:IVDid:CDA955ED-285A-41F6-A455-3A71C5E4729A
Trust: 0.2
db:VULHUBid:VHN-80783
Trust: 0.1
sources:
            
            
            IVD: 984ee090-2351-11e6-abef-000c29c66e3d // 
            
            
            
            IVD: cda955ed-285a-41f6-a455-3a71c5e4729a // 
            
            
            
            CNVD: CNVD-2015-02292 // 
            
            
            
            VULHUB: VHN-80783 // 
            
            
            
            BID: 74028 // 
            
            
            
            JVNDB: JVNDB-2015-002125 // 
            
            
            
            CNNVD: CNNVD-201504-096 // 
            
            
            
            NVD: CVE-2015-2822

REFERENCES
url:http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-487246.pdf
Trust: 1.7
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-2822
Trust: 1.4
url:http://www.securityfocus.com/bid/74028
Trust: 1.1
url:https://cert-portal.siemens.com/productcert/pdf/ssa-487246.pdf
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2822
Trust: 0.8
url:https://ics-cert.us-cert.gov/advisories/icsa-15-099-01
Trust: 0.8
url:http://subscriber.communications.siemens.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2015-02292 // 
            
            
            
            VULHUB: VHN-80783 // 
            
            
            
            BID: 74028 // 
            
            
            
            JVNDB: JVNDB-2015-002125 // 
            
            
            
            CNNVD: CNNVD-201504-096 // 
            
            
            
            NVD: CVE-2015-2822

CREDITS
Quarkslab team and Ilya Karpov from Positive Technologies.
Trust: 0.3
sources:
            
            
            BID: 74028

SOURCES
db:IVDid:984ee090-2351-11e6-abef-000c29c66e3d
db:IVDid:cda955ed-285a-41f6-a455-3a71c5e4729a
db:CNVDid:CNVD-2015-02292
db:VULHUBid:VHN-80783
db:BIDid:74028
db:JVNDBid:JVNDB-2015-002125
db:CNNVDid:CNNVD-201504-096
db:NVDid:CVE-2015-2822

LAST UPDATE DATE
2024-08-14T13:57:39.167000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2015-02292date:2015-04-10T00:00:00
db:VULHUBid:VHN-80783date:2016-11-28T00:00:00
db:BIDid:74028date:2015-10-26T16:22:00
db:JVNDBid:JVNDB-2015-002125date:2015-04-10T00:00:00
db:CNNVDid:CNNVD-201504-096date:2015-04-10T00:00:00
db:NVDid:CVE-2015-2822date:2016-11-28T19:21:57.340

SOURCES RELEASE DATE
db:IVDid:984ee090-2351-11e6-abef-000c29c66e3ddate:2015-04-10T00:00:00
db:IVDid:cda955ed-285a-41f6-a455-3a71c5e4729adate:2015-04-10T00:00:00
db:CNVDid:CNVD-2015-02292date:2015-04-10T00:00:00
db:VULHUBid:VHN-80783date:2015-04-08T00:00:00
db:BIDid:74028date:2015-04-09T00:00:00
db:JVNDBid:JVNDB-2015-002125date:2015-04-10T00:00:00
db:CNNVDid:CNNVD-201504-096date:2015-04-09T00:00:00
db:NVDid:CVE-2015-2822date:2015-04-08T16:59:00.067