ID

VAR-201905-1324


CVE

CVE-2019-10917


TITLE

plural SIMATIC Vulnerability related to input validation in products

Trust: 0.8

sources: JVNDB: JVNDB-2019-004567

DESCRIPTION

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with local access to the project file could cause a Denial-of-Service condition on the affected product while the project file is loaded. Successful exploitation requires access to the project file. An attacker could use the vulnerability to compromise availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An input validation error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC that originated from a network system or product that did not properly validate the entered data. service. Siemens SIMATIC products are prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An SQL injection vulnerability3. 3. An arbitrary command execution Exploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. The following Siemens SIMATIC products are affected: SIMATIC PCS 7 version 8.0 and prior SIMATIC PCS 7 version 8.1 SIMATIC PCS 7 version 8.2 SIMATIC PCS 7 version 9.0 SIMATIC WinCC (TIA Portal) version 13 SIMATIC WinCC (TIA Portal) version 14 SIMATIC WinCC (TIA Portal) version 15 SIMATIC WinCC Runtime Professional, all version SIMATIC WinCC version 7.2 and prior SIMATIC WinCC version 7.3 SIMATIC WinCC version 7.4 SIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3

Trust: 2.7

sources: NVD: CVE-2019-10917 // JVNDB: JVNDB-2019-004567 // CNVD: CNVD-2019-14939 // BID: 108404 // IVD: df80f7d1-c23d-4b6b-a4d2-d114f7117cd6 // VULHUB: VHN-142511

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: df80f7d1-c23d-4b6b-a4d2-d114f7117cd6 // CNVD: CNVD-2019-14939

AFFECTED PRODUCTS

vendor:siemensmodel:simatic wincc runtime professionalscope: - version: -

Trust: 1.4

vendor:siemensmodel:simatic winccscope:eqversion:7.5

Trust: 1.3

vendor:siemensmodel:simatic winccscope:eqversion:7.4

Trust: 1.3

vendor:siemensmodel:simatic winccscope:eqversion:7.3

Trust: 1.3

vendor:siemensmodel:simatic winccscope:lteversion:7.2

Trust: 1.0

vendor:siemensmodel:simatic wincc \scope:eqversion:13.0

Trust: 1.0

vendor:siemensmodel:simatic wincc \scope:eqversion:15.0

Trust: 1.0

vendor:siemensmodel:simatic pcs 7scope:eqversion:8.1

Trust: 1.0

vendor:siemensmodel:simatic pcs 7scope:eqversion:9.0

Trust: 1.0

vendor:siemensmodel:simatic pcs 7scope:eqversion:8.2

Trust: 1.0

vendor:siemensmodel:simatic wincc \scope:eqversion:14.0

Trust: 1.0

vendor:siemensmodel:simatic wincc runtime professionalscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic pcs 7scope:lteversion:8.0

Trust: 1.0

vendor:siemensmodel:simatic winccscope:eqversion:v13

Trust: 0.9

vendor:siemensmodel:simatic winccscope:eqversion:v14

Trust: 0.9

vendor:siemensmodel:simatic winccscope:eqversion:v15

Trust: 0.9

vendor:siemensmodel:simatic pcs 7scope:eqversion:8.1.x

Trust: 0.8

vendor:siemensmodel:simatic winccscope:eqversion:7.3.x

Trust: 0.8

vendor:siemensmodel:simatic winccscope:eqversion:7.5 upd3

Trust: 0.8

vendor:siemensmodel:simatic winccscope:eqversion:13.x

Trust: 0.8

vendor:siemensmodel:simatic winccscope:eqversion:14.x

Trust: 0.8

vendor:siemensmodel:simatic winccscope:ltversion:7.5

Trust: 0.8

vendor:siemensmodel:simatic pcs 7scope:lteversion:8.0 and earlier

Trust: 0.8

vendor:siemensmodel:simatic pcs 7scope:eqversion:8.2.x

Trust: 0.8

vendor:siemensmodel:simatic winccscope:eqversion:7.4.x

Trust: 0.8

vendor:siemensmodel:simatic winccscope:eqversion:15.x

Trust: 0.8

vendor:siemensmodel:simatic winccscope:lteversion:7.2 and earlier

Trust: 0.8

vendor:siemensmodel:simatic pcs 7scope:eqversion:9.0.x

Trust: 0.8

vendor:siemensmodel:simatic pcsscope:eqversion:7v8.2

Trust: 0.6

vendor:siemensmodel:simatic pcsscope:eqversion:7v8.0

Trust: 0.6

vendor:siemensmodel:simatic pcsscope:eqversion:7v8.1

Trust: 0.6

vendor:siemensmodel:simatic winccscope:lteversion:<=7.2

Trust: 0.6

vendor:siemensmodel:simatic pcsscope:eqversion:7v9.0

Trust: 0.6

vendor:siemensmodel:simatic winccscope:eqversion:v7.3

Trust: 0.6

vendor:siemensmodel:simatic winccscope:eqversion:v7.4

Trust: 0.6

vendor:siemensmodel:simatic wincc upd3scope:eqversion:v7.5.*<v7.5

Trust: 0.6

vendor:siemensmodel:simatic wincc runtime professionalscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:simatic winccscope:eqversion:7.2

Trust: 0.3

vendor:siemensmodel:simatic winccscope:eqversion:7.0

Trust: 0.3

vendor:siemensmodel:simatic winccscope:eqversion:6.2

Trust: 0.3

vendor:siemensmodel:simatic pcsscope:eqversion:79.0

Trust: 0.3

vendor:siemensmodel:simatic pcsscope:eqversion:78.2

Trust: 0.3

vendor:siemensmodel:simatic pcsscope:eqversion:78.1

Trust: 0.3

vendor:siemensmodel:simatic pcsscope:eqversion:78.0

Trust: 0.3

vendor:siemensmodel:simatic pcsscope:eqversion:77

Trust: 0.3

vendor:siemensmodel:simatic wincc updatescope:neversion:7.53

Trust: 0.3

vendor:simatic pcs 7model: - scope:eqversion:*

Trust: 0.2

vendor:simatic pcs 7model: - scope:eqversion:8.1

Trust: 0.2

vendor:simatic pcs 7model: - scope:eqversion:8.2

Trust: 0.2

vendor:simatic pcs 7model: - scope:eqversion:9.0

Trust: 0.2

vendor:simatic winccmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic winccmodel: - scope:eqversion:7.3

Trust: 0.2

vendor:simatic winccmodel: - scope:eqversion:7.4

Trust: 0.2

vendor:simatic winccmodel: - scope:eqversion:7.5

Trust: 0.2

vendor:simatic wincc tia portalmodel: - scope:eqversion:13.0

Trust: 0.2

vendor:simatic wincc tia portalmodel: - scope:eqversion:14.0

Trust: 0.2

vendor:simatic wincc tia portalmodel: - scope:eqversion:15.0

Trust: 0.2

vendor:simatic wincc runtime professionalmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: df80f7d1-c23d-4b6b-a4d2-d114f7117cd6 // CNVD: CNVD-2019-14939 // BID: 108404 // JVNDB: JVNDB-2019-004567 // NVD: CVE-2019-10917

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-10917
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-10917
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2019-14939
value: LOW

Trust: 0.6

CNNVD: CNNVD-201905-595
value: MEDIUM

Trust: 0.6

IVD: df80f7d1-c23d-4b6b-a4d2-d114f7117cd6
value: MEDIUM

Trust: 0.2

VULHUB: VHN-142511
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2019-10917
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-14939
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: df80f7d1-c23d-4b6b-a4d2-d114f7117cd6
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-142511
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-10917
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-10917
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: df80f7d1-c23d-4b6b-a4d2-d114f7117cd6 // CNVD: CNVD-2019-14939 // VULHUB: VHN-142511 // JVNDB: JVNDB-2019-004567 // CNNVD: CNNVD-201905-595 // NVD: CVE-2019-10917

PROBLEMTYPE DATA

problemtype:CWE-755

Trust: 1.1

problemtype:CWE-248

Trust: 1.0

problemtype:CWE-20

Trust: 0.9

sources: VULHUB: VHN-142511 // JVNDB: JVNDB-2019-004567 // NVD: CVE-2019-10917

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201905-595

TYPE

Input validation error

Trust: 1.1

sources: IVD: df80f7d1-c23d-4b6b-a4d2-d114f7117cd6 // BID: 108404 // CNNVD: CNNVD-201905-595

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004567

PATCH

title:SSA-697412url:https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf

Trust: 0.8

title:Patch for Siemens SIMATIC PCS 7 and SIMATIC WinCC Input Validation Error Vulnerability (CNVD-2019-14939)url:https://www.cnvd.org.cn/patchInfo/show/161831

Trust: 0.6

sources: CNVD: CNVD-2019-14939 // JVNDB: JVNDB-2019-004567

EXTERNAL IDS

db:NVDid:CVE-2019-10917

Trust: 3.6

db:ICS CERTid:ICSA-19-134-08

Trust: 3.4

db:SIEMENSid:SSA-697412

Trust: 1.7

db:CNNVDid:CNNVD-201905-595

Trust: 0.9

db:BIDid:108404

Trust: 0.9

db:CNVDid:CNVD-2019-14939

Trust: 0.8

db:JVNDBid:JVNDB-2019-004567

Trust: 0.8

db:ICS CERTid:ICSA-19-134-02

Trust: 0.6

db:AUSCERTid:ESB-2019.1716.2

Trust: 0.6

db:IVDid:DF80F7D1-C23D-4B6B-A4D2-D114F7117CD6

Trust: 0.2

db:VULHUBid:VHN-142511

Trust: 0.1

sources: IVD: df80f7d1-c23d-4b6b-a4d2-d114f7117cd6 // CNVD: CNVD-2019-14939 // VULHUB: VHN-142511 // BID: 108404 // JVNDB: JVNDB-2019-004567 // CNNVD: CNNVD-201905-595 // NVD: CVE-2019-10917

REFERENCES

url:https://www.us-cert.gov/ics/advisories/icsa-19-134-08

Trust: 2.5

url:https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf

Trust: 1.7

url:https://ics-cert.us-cert.gov/advisories/icsa-19-134-08

Trust: 1.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-10917

Trust: 1.4

url:http://www.securityfocus.com/bid/108404

Trust: 1.2

url:http://subscriber.communications.siemens.com/

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10917

Trust: 0.8

url:https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0

Trust: 0.6

url:https://www.auscert.org.au/bulletins/80946

Trust: 0.6

url:https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29286

Trust: 0.6

sources: CNVD: CNVD-2019-14939 // VULHUB: VHN-142511 // BID: 108404 // JVNDB: JVNDB-2019-004567 // CNNVD: CNNVD-201905-595 // NVD: CVE-2019-10917

CREDITS

Vladimir Dashchenko and Sergey Temnikov from Kaspersky Lab, and ChengBin Wang from Guoli Security Technology, and ChengBin Wang from Guoli Security Technology reported these vulnerabilities to Siemens., CNCERT/CC

Trust: 0.6

sources: CNNVD: CNNVD-201905-595

SOURCES

db:IVDid:df80f7d1-c23d-4b6b-a4d2-d114f7117cd6
db:CNVDid:CNVD-2019-14939
db:VULHUBid:VHN-142511
db:BIDid:108404
db:JVNDBid:JVNDB-2019-004567
db:CNNVDid:CNNVD-201905-595
db:NVDid:CVE-2019-10917

LAST UPDATE DATE

2024-08-14T13:26:21.656000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2019-14939date:2019-05-21T00:00:00
db:VULHUBid:VHN-142511date:2021-11-02T00:00:00
db:BIDid:108404date:2019-05-22T06:00:00
db:JVNDBid:JVNDB-2019-004567date:2019-07-08T00:00:00
db:CNNVDid:CNNVD-201905-595date:2021-11-03T00:00:00
db:NVDid:CVE-2019-10917date:2021-11-02T19:30:50.800

SOURCES RELEASE DATE

db:IVDid:df80f7d1-c23d-4b6b-a4d2-d114f7117cd6date:2019-05-21T00:00:00
db:CNVDid:CNVD-2019-14939date:2019-05-21T00:00:00
db:VULHUBid:VHN-142511date:2019-05-14T00:00:00
db:BIDid:108404date:2019-05-14T00:00:00
db:JVNDBid:JVNDB-2019-004567date:2019-06-05T00:00:00
db:CNNVDid:CNNVD-201905-595date:2019-05-14T00:00:00
db:NVDid:CVE-2019-10917date:2019-05-14T20:29:02.387