ID

VAR-201908-1838


CVE

CVE-2019-10943


TITLE

plural SIMATIC Access control vulnerabilities in products

Trust: 0.8

sources: JVNDB: JVNDB-2019-008098

DESCRIPTION

A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V20.8), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions >= V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-1500 Software Controller (All versions >= V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC S7-PLCSIM Advanced (All versions >= V3.0). An attacker with network access to port 102/tcp could potentially modify the user program on the PLC in a way that the running code is different from the source code which is stored on the device. An attacker must have network access to affected devices and must be able to perform changes to the user program. The vulnerability could impact the perceived integrity of the user program stored on the CPU. An engineer that tries to obtain the code of the user program running on the device, can receive different source code that is not actually running on the device. plural SIMATIC The product contains an access control vulnerability.Information may be tampered with. The Simatic S7-1200 CPU and Simatic S7-1500 CPU series are discrete and continuous control in industrial environments such as manufacturing, food and beverage, and chemical industries. A man-in-the-middle attack vulnerability exists in the SIMATICS7-1200 and SIMATICS7-1500CPU families. A vulnerability has been identified in SIMATIC ET200SP (incl. No public exploitation of the vulnerability was known at the time of advisory publication. Both Siemens SIMATIC S7-1500 CPU and Siemens SIMATIC S7-1200 are products of Siemens, Germany. SIMATIC S7-1500 CPU is a CPU (central processing unit) module. Siemens SIMATIC S7-1200 is a S7-1200 series PLC (programmable logic controller). This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles

Trust: 2.43

sources: NVD: CVE-2019-10943 // JVNDB: JVNDB-2019-008098 // CNVD: CNVD-2019-27700 // IVD: f259ba44-659c-4896-9e72-76a889fc2aca // VULHUB: VHN-142540

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: f259ba44-659c-4896-9e72-76a889fc2aca // CNVD: CNVD-2019-27700

AFFECTED PRODUCTS

vendor:siemensmodel:simatic s7-1500 cpu 1518scope:ltversion:2.8.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1212cscope:ltversion:4.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1512cscope:ltversion:2.8.1

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1217cscope:ltversion:4.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 software controllerscope:ltversion:20.8

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1211cscope:ltversion:4.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1215cscope:ltversion:4.4

Trust: 1.0

vendor:siemensmodel:simatic s7-1500 cpu 1511cscope:ltversion:2.8.1

Trust: 1.0

vendor:siemensmodel:simatic et 200sp open controller cpu 1515sp pcscope:eqversion:*

Trust: 1.0

vendor:siemensmodel:simatic s7-1200 cpu 1214cscope:ltversion:4.4

Trust: 1.0

vendor:siemensmodel:simatic et 200sp open controller cpu 1515sp pc2scope:ltversion:20.8

Trust: 1.0

vendor:siemensmodel:simatic s7 plcsim advancedscope:ltversion:3.0

Trust: 1.0

vendor:siemensmodel:simatic et 200 sp open controller cpu 1515sp pcscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic et 200 sp open controller cpu 1515sp pc2scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1200 cpu 1211cscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1200 cpu 1212cscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1200 cpu 1214cscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1200 cpu 1215cscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1200 cpu 1217cscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1500 cpu 1511cscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1500 cpu 1512cscope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1500 cpu 1518scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic s7-1500 software controllerscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic s7-1500 cpu familyscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic s7-plcsim advancedscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic s7-1200 cpu familyscope:gteversion:v4.0

Trust: 0.6

vendor:siemensmodel:simatic et 200sp open controller cpu1515sp pcscope: - version: -

Trust: 0.6

vendor:siemensmodel:simatic et 200sp open controller cpu1515sp pc2scope: - version: -

Trust: 0.6

vendor:simatic et 200sp open controller cpu 1515sp pcmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 1500 cpu 1512cmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 1500model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 plcsim advancedmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic et 200sp open controller cpu 1515sp pc2model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 1200 cpu 1211cmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 1200 cpu 1212cmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 1200 cpu 1214cmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 1200 cpu 1215cmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 1200 cpu 1217cmodel: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 1500 cpu 1518model: - scope:eqversion:*

Trust: 0.2

vendor:simatic s7 1500 cpu 1511cmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: f259ba44-659c-4896-9e72-76a889fc2aca // CNVD: CNVD-2019-27700 // JVNDB: JVNDB-2019-008098 // NVD: CVE-2019-10943

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-10943
value: HIGH

Trust: 1.0

NVD: CVE-2019-10943
value: HIGH

Trust: 0.8

CNVD: CNVD-2019-27700
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201908-899
value: HIGH

Trust: 0.6

IVD: f259ba44-659c-4896-9e72-76a889fc2aca
value: HIGH

Trust: 0.2

VULHUB: VHN-142540
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-10943
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-27700
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: f259ba44-659c-4896-9e72-76a889fc2aca
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-142540
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-10943
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-10943
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: f259ba44-659c-4896-9e72-76a889fc2aca // CNVD: CNVD-2019-27700 // VULHUB: VHN-142540 // JVNDB: JVNDB-2019-008098 // CNNVD: CNNVD-201908-899 // NVD: CVE-2019-10943

PROBLEMTYPE DATA

problemtype:CWE-345

Trust: 1.1

problemtype:CWE-353

Trust: 1.0

problemtype:CWE-284

Trust: 0.9

sources: VULHUB: VHN-142540 // JVNDB: JVNDB-2019-008098 // NVD: CVE-2019-10943

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-899

TYPE

data forgery

Trust: 0.6

sources: CNNVD: CNNVD-201908-899

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-008098

PATCH

title:SSA-232418url:https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf

Trust: 0.8

title:Patch for SIMATICS7-1200 and SIMATICS7-1500CPU families permission access vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/175779

Trust: 0.6

sources: CNVD: CNVD-2019-27700 // JVNDB: JVNDB-2019-008098

EXTERNAL IDS

db:NVDid:CVE-2019-10943

Trust: 3.3

db:SIEMENSid:SSA-232418

Trust: 2.3

db:ICS CERTid:ICSA-19-344-06

Trust: 1.4

db:CNNVDid:CNNVD-201908-899

Trust: 0.9

db:CNVDid:CNVD-2019-27700

Trust: 0.8

db:JVNDBid:JVNDB-2019-008098

Trust: 0.8

db:AUSCERTid:ESB-2019.4621

Trust: 0.6

db:IVDid:F259BA44-659C-4896-9E72-76A889FC2ACA

Trust: 0.2

db:VULHUBid:VHN-142540

Trust: 0.1

sources: IVD: f259ba44-659c-4896-9e72-76a889fc2aca // CNVD: CNVD-2019-27700 // VULHUB: VHN-142540 // JVNDB: JVNDB-2019-008098 // CNNVD: CNNVD-201908-899 // NVD: CVE-2019-10943

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf

Trust: 2.3

url:https://www.us-cert.gov/ics/advisories/icsa-19-344-06

Trust: 1.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-10943

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10943

Trust: 0.8

url:https://vigilance.fr/vulnerability/simatic-two-vulnerabilities-30052

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4621/

Trust: 0.6

sources: CNVD: CNVD-2019-27700 // VULHUB: VHN-142540 // JVNDB: JVNDB-2019-008098 // CNNVD: CNNVD-201908-899 // NVD: CVE-2019-10943

SOURCES

db:IVDid:f259ba44-659c-4896-9e72-76a889fc2aca
db:CNVDid:CNVD-2019-27700
db:VULHUBid:VHN-142540
db:JVNDBid:JVNDB-2019-008098
db:CNNVDid:CNNVD-201908-899
db:NVDid:CVE-2019-10943

LAST UPDATE DATE

2024-08-14T15:23:01.595000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2019-27700date:2019-08-30T00:00:00
db:VULHUBid:VHN-142540date:2020-10-02T00:00:00
db:JVNDBid:JVNDB-2019-008098date:2019-12-11T00:00:00
db:CNNVDid:CNNVD-201908-899date:2022-08-11T00:00:00
db:NVDid:CVE-2019-10943date:2022-08-10T20:28:13.013

SOURCES RELEASE DATE

db:IVDid:f259ba44-659c-4896-9e72-76a889fc2acadate:2019-08-15T00:00:00
db:CNVDid:CNVD-2019-27700date:2019-08-15T00:00:00
db:VULHUBid:VHN-142540date:2019-08-13T00:00:00
db:JVNDBid:JVNDB-2019-008098date:2019-08-26T00:00:00
db:CNNVDid:CNNVD-201908-899date:2019-08-13T00:00:00
db:NVDid:CVE-2019-10943date:2019-08-13T19:15:15.530