Sign-up

ID

VAR-201905-1076


CVE

CVE-2019-10922


TITLE

SIMATIC PCS 7 and WinCC Access control vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-004559

DESCRIPTION

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 and newer (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 and newer (All versions). An attacker with network access to affected installations, which are configured without "Encrypted Communication", can execute arbitrary code. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected installation. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. SIMATIC PCS 7 and WinCC Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An access control error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC

Trust: 2.79

sources: NVD: CVE-2019-10922 // JVNDB: JVNDB-2019-004559 // CNVD: CNVD-2019-14819 // BID: 108398 // IVD: 28b5f5f4-5cc5-4dd7-87da-aedb11dae08d // VULHUB: VHN-142517 // VULMON: CVE-2019-10922

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 28b5f5f4-5cc5-4dd7-87da-aedb11dae08d // CNVD: CNVD-2019-14819

AFFECTED PRODUCTS

vendor:siemensmodel:simatic pcs 7scope:lteversion:8.0

Trust: 1.0

vendor:siemensmodel:simatic winccscope:lteversion:7.2

Trust: 1.0

vendor:siemensmodel:simatic winccscope:gteversion:7.3

Trust: 1.0

vendor:siemensmodel:simatic pcs 7scope:gteversion:8.1

Trust: 1.0

vendor:siemensmodel:simatic pcs 7scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic winccscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic pcsscope:eqversion:7<=v8.0

Trust: 0.6

vendor:siemensmodel:simatic pcsscope:eqversion:7>=v8.1

Trust: 0.6

vendor:siemensmodel:simatic winccscope:lteversion:<=v7.2

Trust: 0.6

vendor:siemensmodel:simatic winccscope:gteversion:v7.3

Trust: 0.6

vendor:simatic pcs 7model: - scope:eqversion:*

Trust: 0.4

vendor:simatic winccmodel: - scope:eqversion:*

Trust: 0.4

vendor:siemensmodel:simatic winccscope:eqversion:7.2

Trust: 0.3

vendor:siemensmodel:simatic winccscope:eqversion:7.0

Trust: 0.3

vendor:siemensmodel:simatic pcsscope:eqversion:78.0

Trust: 0.3

vendor:siemensmodel:simatic winccscope:neversion:7.3

Trust: 0.3

vendor:siemensmodel:simatic pcsscope:neversion:78.1

Trust: 0.3

sources: IVD: 28b5f5f4-5cc5-4dd7-87da-aedb11dae08d // CNVD: CNVD-2019-14819 // BID: 108398 // JVNDB: JVNDB-2019-004559 // NVD: CVE-2019-10922

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-10922
value: CRITICAL

Trust: 1.0

NVD: CVE-2019-10922
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2019-14819
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201905-601
value: CRITICAL

Trust: 0.6

IVD: 28b5f5f4-5cc5-4dd7-87da-aedb11dae08d
value: CRITICAL

Trust: 0.2

VULHUB: VHN-142517
value: HIGH

Trust: 0.1

VULMON: CVE-2019-10922
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-10922
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2019-14819
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 28b5f5f4-5cc5-4dd7-87da-aedb11dae08d
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-142517
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-10922
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2019-10922
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: 28b5f5f4-5cc5-4dd7-87da-aedb11dae08d // CNVD: CNVD-2019-14819 // VULHUB: VHN-142517 // VULMON: CVE-2019-10922 // JVNDB: JVNDB-2019-004559 // CNNVD: CNNVD-201905-601 // NVD: CVE-2019-10922

PROBLEMTYPE DATA

problemtype:CWE-306

Trust: 1.0

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-284

Trust: 0.9

sources: VULHUB: VHN-142517 // JVNDB: JVNDB-2019-004559 // NVD: CVE-2019-10922

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-601

TYPE

Access control error

Trust: 0.8

sources: IVD: 28b5f5f4-5cc5-4dd7-87da-aedb11dae08d // CNNVD: CNNVD-201905-601

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-004559

PATCH
title:SSA-705517url:https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf
Trust: 0.8
title:Patch for Siemens SIMATIC PCS 7 and SIMATIC WinCC Access Control Error Vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/161749
Trust: 0.6
title:Siemens SIMATIC PCS 7  and SIMATIC WinCC Fixes for access control error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92743
Trust: 0.6
title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=5b4ebc1c1cb31c7e91ba7bafb5859453
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2019-14819 // 
            
            
            
            VULMON: CVE-2019-10922 // 
            
            
            
            JVNDB: JVNDB-2019-004559 // 
            
            
            
            CNNVD: CNNVD-201905-601

EXTERNAL IDS
db:NVDid:CVE-2019-10922
Trust: 3.7
db:ICS CERTid:ICSA-19-134-02
Trust: 2.4
db:BIDid:108398
Trust: 2.1
db:SIEMENSid:SSA-705517
Trust: 1.8
db:CNVDid:CNVD-2019-14819
Trust: 0.8
db:CNNVDid:CNNVD-201905-601
Trust: 0.8
db:JVNDBid:JVNDB-2019-004559
Trust: 0.8
db:AUSCERTid:ESB-2019.1716.2
Trust: 0.6
db:IVDid:28B5F5F4-5CC5-4DD7-87DA-AEDB11DAE08D
Trust: 0.2
db:VULHUBid:VHN-142517
Trust: 0.1
db:VULMONid:CVE-2019-10922
Trust: 0.1
sources:
            
            
            IVD: 28b5f5f4-5cc5-4dd7-87da-aedb11dae08d // 
            
            
            
            CNVD: CNVD-2019-14819 // 
            
            
            
            VULHUB: VHN-142517 // 
            
            
            
            VULMON: CVE-2019-10922 // 
            
            
            
            BID: 108398 // 
            
            
            
            JVNDB: JVNDB-2019-004559 // 
            
            
            
            CNNVD: CNNVD-201905-601 // 
            
            
            
            NVD: CVE-2019-10922

REFERENCES
url:http://www.securityfocus.com/bid/108398
Trust: 2.5
url:https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf
Trust: 1.8
url:https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0
Trust: 1.6
url:https://nvd.nist.gov/vuln/detail/cve-2019-10922
Trust: 1.4
url:http://subscriber.communications.siemens.com/
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10922
Trust: 0.8
url:https://www.us-cert.gov/ics/advisories/icsa-19-134-02-0
Trust: 0.8
url:https://www.auscert.org.au/bulletins/80946
Trust: 0.6
url:https://vigilance.fr/vulnerability/simatic-wincc-code-execution-29287
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2019-14819 // 
            
            
            
            VULHUB: VHN-142517 // 
            
            
            
            VULMON: CVE-2019-10922 // 
            
            
            
            BID: 108398 // 
            
            
            
            JVNDB: JVNDB-2019-004559 // 
            
            
            
            CNNVD: CNNVD-201905-601 // 
            
            
            
            NVD: CVE-2019-10922

CREDITS
Vladimir Dashchenko and Sergey Temnikov from Kaspersky Lab reported this vulnerability to Siemens.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201905-601

SOURCES
db:IVDid:28b5f5f4-5cc5-4dd7-87da-aedb11dae08d
db:CNVDid:CNVD-2019-14819
db:VULHUBid:VHN-142517
db:VULMONid:CVE-2019-10922
db:BIDid:108398
db:JVNDBid:JVNDB-2019-004559
db:CNNVDid:CNNVD-201905-601
db:NVDid:CVE-2019-10922

LAST UPDATE DATE
2024-08-14T13:26:21.540000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-14819date:2019-05-21T00:00:00
db:VULHUBid:VHN-142517date:2020-10-02T00:00:00
db:VULMONid:CVE-2019-10922date:2020-10-02T00:00:00
db:BIDid:108398date:2019-05-14T00:00:00
db:JVNDBid:JVNDB-2019-004559date:2019-07-08T00:00:00
db:CNNVDid:CNNVD-201905-601date:2020-10-09T00:00:00
db:NVDid:CVE-2019-10922date:2020-10-02T14:36:36.303

SOURCES RELEASE DATE
db:IVDid:28b5f5f4-5cc5-4dd7-87da-aedb11dae08ddate:2019-05-21T00:00:00
db:CNVDid:CNVD-2019-14819date:2019-05-21T00:00:00
db:VULHUBid:VHN-142517date:2019-05-14T00:00:00
db:VULMONid:CVE-2019-10922date:2019-05-14T00:00:00
db:BIDid:108398date:2019-05-14T00:00:00
db:JVNDBid:JVNDB-2019-004559date:2019-06-04T00:00:00
db:CNNVDid:CNNVD-201905-601date:2019-05-14T00:00:00
db:NVDid:CVE-2019-10922date:2019-05-14T20:29:02.763