ID

VAR-201905-1076


CVE

CVE-2019-10922


TITLE

SIMATIC PCS 7 and WinCC Access control vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-004559

DESCRIPTION

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 and newer (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 and newer (All versions). An attacker with network access to affected installations, which are configured without "Encrypted Communication", can execute arbitrary code. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected installation. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. SIMATIC PCS 7 and WinCC Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An access control error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC

Trust: 2.79

sources: NVD: CVE-2019-10922 // JVNDB: JVNDB-2019-004559 // CNVD: CNVD-2019-14819 // BID: 108398 // IVD: 28b5f5f4-5cc5-4dd7-87da-aedb11dae08d // VULHUB: VHN-142517 // VULMON: CVE-2019-10922

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 28b5f5f4-5cc5-4dd7-87da-aedb11dae08d // CNVD: CNVD-2019-14819

AFFECTED PRODUCTS

vendor:siemensmodel:simatic pcs 7scope:lteversion:8.0

Trust: 1.0

vendor:siemensmodel:simatic winccscope:lteversion:7.2

Trust: 1.0

vendor:siemensmodel:simatic winccscope:gteversion:7.3

Trust: 1.0

vendor:siemensmodel:simatic pcs 7scope:gteversion:8.1

Trust: 1.0

vendor:siemensmodel:simatic pcs 7scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic winccscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic pcsscope:eqversion:7<=v8.0

Trust: 0.6

vendor:siemensmodel:simatic pcsscope:eqversion:7>=v8.1

Trust: 0.6

vendor:siemensmodel:simatic winccscope:lteversion:<=v7.2

Trust: 0.6

vendor:siemensmodel:simatic winccscope:gteversion:v7.3

Trust: 0.6

vendor:simatic pcs 7model: - scope:eqversion:*

Trust: 0.4

vendor:simatic winccmodel: - scope:eqversion:*

Trust: 0.4

vendor:siemensmodel:simatic winccscope:eqversion:7.2

Trust: 0.3

vendor:siemensmodel:simatic winccscope:eqversion:7.0

Trust: 0.3

vendor:siemensmodel:simatic pcsscope:eqversion:78.0

Trust: 0.3

vendor:siemensmodel:simatic winccscope:neversion:7.3

Trust: 0.3

vendor:siemensmodel:simatic pcsscope:neversion:78.1

Trust: 0.3

sources: IVD: 28b5f5f4-5cc5-4dd7-87da-aedb11dae08d // CNVD: CNVD-2019-14819 // BID: 108398 // JVNDB: JVNDB-2019-004559 // NVD: CVE-2019-10922

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-10922
value: CRITICAL

Trust: 1.0

NVD: CVE-2019-10922
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2019-14819
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201905-601
value: CRITICAL

Trust: 0.6

IVD: 28b5f5f4-5cc5-4dd7-87da-aedb11dae08d
value: CRITICAL

Trust: 0.2

VULHUB: VHN-142517
value: HIGH

Trust: 0.1

VULMON: CVE-2019-10922
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-10922
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2019-14819
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 28b5f5f4-5cc5-4dd7-87da-aedb11dae08d
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-142517
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-10922
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2019-10922
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: 28b5f5f4-5cc5-4dd7-87da-aedb11dae08d // CNVD: CNVD-2019-14819 // VULHUB: VHN-142517 // VULMON: CVE-2019-10922 // JVNDB: JVNDB-2019-004559 // CNNVD: CNNVD-201905-601 // NVD: CVE-2019-10922

PROBLEMTYPE DATA

problemtype:CWE-306

Trust: 1.0

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-284

Trust: 0.9

sources: VULHUB: VHN-142517 // JVNDB: JVNDB-2019-004559 // NVD: CVE-2019-10922

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-601

TYPE

Access control error

Trust: 0.8

sources: IVD: 28b5f5f4-5cc5-4dd7-87da-aedb11dae08d // CNNVD: CNNVD-201905-601

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004559

PATCH

title:SSA-705517url:https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf

Trust: 0.8

title:Patch for Siemens SIMATIC PCS 7 and SIMATIC WinCC Access Control Error Vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/161749

Trust: 0.6

title:Siemens SIMATIC PCS 7 and SIMATIC WinCC Fixes for access control error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92743

Trust: 0.6

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=5b4ebc1c1cb31c7e91ba7bafb5859453

Trust: 0.1

sources: CNVD: CNVD-2019-14819 // VULMON: CVE-2019-10922 // JVNDB: JVNDB-2019-004559 // CNNVD: CNNVD-201905-601

EXTERNAL IDS

db:NVDid:CVE-2019-10922

Trust: 3.7

db:ICS CERTid:ICSA-19-134-02

Trust: 2.4

db:BIDid:108398

Trust: 2.1

db:SIEMENSid:SSA-705517

Trust: 1.8

db:CNVDid:CNVD-2019-14819

Trust: 0.8

db:CNNVDid:CNNVD-201905-601

Trust: 0.8

db:JVNDBid:JVNDB-2019-004559

Trust: 0.8

db:AUSCERTid:ESB-2019.1716.2

Trust: 0.6

db:IVDid:28B5F5F4-5CC5-4DD7-87DA-AEDB11DAE08D

Trust: 0.2

db:VULHUBid:VHN-142517

Trust: 0.1

db:VULMONid:CVE-2019-10922

Trust: 0.1

sources: IVD: 28b5f5f4-5cc5-4dd7-87da-aedb11dae08d // CNVD: CNVD-2019-14819 // VULHUB: VHN-142517 // VULMON: CVE-2019-10922 // BID: 108398 // JVNDB: JVNDB-2019-004559 // CNNVD: CNNVD-201905-601 // NVD: CVE-2019-10922

REFERENCES

url:http://www.securityfocus.com/bid/108398

Trust: 2.5

url:https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf

Trust: 1.8

url:https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2019-10922

Trust: 1.4

url:http://subscriber.communications.siemens.com/

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10922

Trust: 0.8

url:https://www.us-cert.gov/ics/advisories/icsa-19-134-02-0

Trust: 0.8

url:https://www.auscert.org.au/bulletins/80946

Trust: 0.6

url:https://vigilance.fr/vulnerability/simatic-wincc-code-execution-29287

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2019-14819 // VULHUB: VHN-142517 // VULMON: CVE-2019-10922 // BID: 108398 // JVNDB: JVNDB-2019-004559 // CNNVD: CNNVD-201905-601 // NVD: CVE-2019-10922

CREDITS

Vladimir Dashchenko and Sergey Temnikov from Kaspersky Lab reported this vulnerability to Siemens.

Trust: 0.6

sources: CNNVD: CNNVD-201905-601

SOURCES

db:IVDid:28b5f5f4-5cc5-4dd7-87da-aedb11dae08d
db:CNVDid:CNVD-2019-14819
db:VULHUBid:VHN-142517
db:VULMONid:CVE-2019-10922
db:BIDid:108398
db:JVNDBid:JVNDB-2019-004559
db:CNNVDid:CNNVD-201905-601
db:NVDid:CVE-2019-10922

LAST UPDATE DATE

2024-08-14T13:26:21.540000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2019-14819date:2019-05-21T00:00:00
db:VULHUBid:VHN-142517date:2020-10-02T00:00:00
db:VULMONid:CVE-2019-10922date:2020-10-02T00:00:00
db:BIDid:108398date:2019-05-14T00:00:00
db:JVNDBid:JVNDB-2019-004559date:2019-07-08T00:00:00
db:CNNVDid:CNNVD-201905-601date:2020-10-09T00:00:00
db:NVDid:CVE-2019-10922date:2020-10-02T14:36:36.303

SOURCES RELEASE DATE

db:IVDid:28b5f5f4-5cc5-4dd7-87da-aedb11dae08ddate:2019-05-21T00:00:00
db:CNVDid:CNVD-2019-14819date:2019-05-21T00:00:00
db:VULHUBid:VHN-142517date:2019-05-14T00:00:00
db:VULMONid:CVE-2019-10922date:2019-05-14T00:00:00
db:BIDid:108398date:2019-05-14T00:00:00
db:JVNDBid:JVNDB-2019-004559date:2019-06-04T00:00:00
db:CNNVDid:CNNVD-201905-601date:2019-05-14T00:00:00
db:NVDid:CVE-2019-10922date:2019-05-14T20:29:02.763