Details of VAR-202003-0764

ID

VAR-202003-0764

CVE

CVE-2019-19282

TITLE

Input validation vulnerabilities in multiple Siemens products

Trust: 0.8

sources: JVNDB: JVNDB-2019-014892

DESCRIPTION

A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions < V8.2 Upd12), SIMATIC BATCH V9.0 (All versions < V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions < V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions < V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition. Successful exploitation requires no system privileges and no user interaction. Multiple Siemens products contain input validation vulnerabilities.Service operation interruption (DoS) It may be put into a state. Both Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of the German company Siemens. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is a set of automated data acquisition and monitoring (SCADA) system. The vulnerability stems from the failure of the network system or product to properly validate the input data. The following products and versions are affected:

Trust: 2.52

sources: NVD: CVE-2019-19282 // JVNDB: JVNDB-2019-014892 // CNVD: CNVD-2020-23038 // IVD: f4962b74-9c97-44a9-9a1d-5d93cf01f098 // VULHUB: VHN-151713 // VULMON: CVE-2019-19282

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: f4962b74-9c97-44a9-9a1d-5d93cf01f098 // CNVD: CNVD-2020-23038

AFFECTED PRODUCTS

vendor:	siemens	model:	simatic wincc	scope:	eq	version:	14.0.1	Trust: 1.6
vendor:	siemens	model:	simatic wincc	scope:	eq	version:	15.1	Trust: 1.6
vendor:	siemens	model:	simatic wincc	scope:	eq	version:	16	Trust: 1.6
vendor:	siemens	model:	simatic wincc	scope:	eq	version:	7.5	Trust: 1.0
vendor:	siemens	model:	simatic batch	scope:	eq	version:	9.0	Trust: 1.0
vendor:	siemens	model:	simatic wincc	scope:	eq	version:	7.5.1	Trust: 1.0
vendor:	siemens	model:	simatic route control	scope:	eq	version:	9.0	Trust: 1.0
vendor:	siemens	model:	simatic route control	scope:	lt	version:	9.0	Trust: 1.0
vendor:	siemens	model:	openpcs 7	scope:	eq	version:	9.0	Trust: 1.0
vendor:	siemens	model:	simatic wincc	scope:	eq	version:	13	Trust: 1.0
vendor:	siemens	model:	simatic pcs 7	scope:	eq	version:	8.1	Trust: 1.0
vendor:	siemens	model:	openpcs 7	scope:	eq	version:	9.0_update_1	Trust: 1.0
vendor:	siemens	model:	simatic pcs 7	scope:	eq	version:	9.0	Trust: 1.0
vendor:	siemens	model:	simatic wincc	scope:	eq	version:	7.4	Trust: 1.0
vendor:	siemens	model:	simatic net pc	scope:	eq	version:	16	Trust: 1.0
vendor:	siemens	model:	simatic pcs 7	scope:	eq	version:	8.2	Trust: 1.0
vendor:	siemens	model:	simatic net pc	scope:	lt	version:	16	Trust: 1.0
vendor:	siemens	model:	simatic net pc software	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic openpcs 7	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic pcs 7	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic route control	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic wincc	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic net pc-software	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	openpcs	scope:	eq	version:	7v8.1	Trust: 0.6
vendor:	siemens	model:	openpcs	scope:	eq	version:	7v8.2	Trust: 0.6
vendor:	siemens	model:	simatic batch	scope:	eq	version:	v8.1	Trust: 0.6
vendor:	siemens	model:	simatic batch	scope:	eq	version:	v8.2	Trust: 0.6
vendor:	siemens	model:	simatic route control	scope:	eq	version:	v8.1	Trust: 0.6
vendor:	siemens	model:	simatic route control	scope:	eq	version:	v8.2	Trust: 0.6
vendor:	siemens	model:	simatic wincc	scope:	eq	version:	v7.3	Trust: 0.6
vendor:	siemens	model:	simatic wincc	scope:	eq	version:	v7.4	Trust: 0.6
vendor:	siemens	model:	simatic pcs	scope:	eq	version:	7v8.1	Trust: 0.6
vendor:	siemens	model:	simatic pcs	scope:	eq	version:	7v8.2	Trust: 0.6
vendor:	siemens	model:	simatic pcs	scope:	eq	version:	7v9.0	Trust: 0.6
vendor:	siemens	model:	openpcs	scope:	eq	version:	7v9.0	Trust: 0.6
vendor:	siemens	model:	simatic batch	scope:	eq	version:	v9.0	Trust: 0.6
vendor:	siemens	model:	simatic route control	scope:	eq	version:	v9.0	Trust: 0.6
vendor:	siemens	model:	simatic wincc upd1	scope:	lt	version:	7.5.1	Trust: 0.6
vendor:	siemens	model:	simatic wincc sp2	scope:	lt	version:	13	Trust: 0.6
vendor:	simatic wincc	model:	-	scope:	eq	version:	13	Trust: 0.4
vendor:	openpcs 7	model:	-	scope:	eq	version:	8.1	Trust: 0.2
vendor:	openpcs 7	model:	-	scope:	eq	version:	8.2	Trust: 0.2
vendor:	openpcs 7	model:	-	scope:	eq	version:	9.0	Trust: 0.2
vendor:	simatic batch	model:	-	scope:	eq	version:	8.1	Trust: 0.2
vendor:	simatic batch	model:	-	scope:	eq	version:	8.2	Trust: 0.2
vendor:	simatic batch	model:	-	scope:	eq	version:	9.0	Trust: 0.2
vendor:	simatic net pc	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	simatic net pc	model:	-	scope:	eq	version:	16	Trust: 0.2
vendor:	simatic pcs 7	model:	-	scope:	eq	version:	8.1	Trust: 0.2
vendor:	simatic pcs 7	model:	-	scope:	eq	version:	8.2	Trust: 0.2
vendor:	simatic pcs 7	model:	-	scope:	eq	version:	9.0	Trust: 0.2
vendor:	simatic route control	model:	-	scope:	eq	version:	8.1	Trust: 0.2
vendor:	simatic route control	model:	-	scope:	eq	version:	8.2	Trust: 0.2
vendor:	simatic route control	model:	-	scope:	eq	version:	9.0	Trust: 0.2
vendor:	simatic wincc	model:	-	scope:	eq	version:	7.3	Trust: 0.2
vendor:	simatic wincc	model:	-	scope:	eq	version:	7.4	Trust: 0.2
vendor:	simatic wincc	model:	-	scope:	eq	version:	7.5.1	Trust: 0.2
vendor:	simatic wincc	model:	-	scope:	eq	version:	14.0.1	Trust: 0.2
vendor:	simatic wincc	model:	-	scope:	eq	version:	15.1	Trust: 0.2
vendor:	simatic wincc	model:	-	scope:	eq	version:	16	Trust: 0.2

sources: IVD: f4962b74-9c97-44a9-9a1d-5d93cf01f098 // CNVD: CNVD-2020-23038 // JVNDB: JVNDB-2019-014892 // NVD: CVE-2019-19282

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-19282
value:	HIGH
Trust: 1.0
productcert@siemens.com:	CVE-2019-19282
value:	HIGH
Trust: 1.0
NVD:	JVNDB-2019-014892
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2020-23038
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202002-592
value:	HIGH
Trust: 0.6
IVD:	f4962b74-9c97-44a9-9a1d-5d93cf01f098
value:	HIGH
Trust: 0.2
VULHUB:	VHN-151713
value:	HIGH
Trust: 0.1
VULMON:	CVE-2019-19282
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-19282
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	JVNDB-2019-014892
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2020-23038
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	f4962b74-9c97-44a9-9a1d-5d93cf01f098
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-151713
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-19282
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 2.0
NVD:	JVNDB-2019-014892
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: IVD: f4962b74-9c97-44a9-9a1d-5d93cf01f098 // CNVD: CNVD-2020-23038 // VULHUB: VHN-151713 // VULMON: CVE-2019-19282 // JVNDB: JVNDB-2019-014892 // CNNVD: CNNVD-202002-592 // NVD: CVE-2019-19282 // NVD: CVE-2019-19282

PROBLEMTYPE DATA

problemtype:	CWE-131	Trust: 1.0
problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-20	Trust: 0.9

sources: VULHUB: VHN-151713 // JVNDB: JVNDB-2019-014892 // NVD: CVE-2019-19282

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202002-592

TYPE

Input validation error

Trust: 0.8

sources: IVD: f4962b74-9c97-44a9-9a1d-5d93cf01f098 // CNNVD: CNNVD-202002-592

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-014892

PATCH

title:	SSA-270778	url:	https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf	Trust: 0.8
title:	Patch for Multiple Siemens product input verification error vulnerabilities (CNVD-2020-23038)	url:	https://www.cnvd.org.cn/patchInfo/show/214033	Trust: 0.6
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=800a481f0929c6152050035d1acdb727	Trust: 0.1

sources: CNVD: CNVD-2020-23038 // VULMON: CVE-2019-19282 // JVNDB: JVNDB-2019-014892

EXTERNAL IDS

db:	NVD	id:	CVE-2019-19282	Trust: 3.4
db:	ICS CERT	id:	ICSA-20-042-06	Trust: 2.1
db:	SIEMENS	id:	SSA-270778	Trust: 1.8
db:	CNVD	id:	CNVD-2020-23038	Trust: 0.9
db:	CNNVD	id:	CNNVD-202002-592	Trust: 0.9
db:	JVNDB	id:	JVNDB-2019-014892	Trust: 0.8
db:	ICS CERT	id:	ICSA-20-042-08	Trust: 0.6
db:	ICS CERT	id:	ICSA-20-042-07	Trust: 0.6
db:	ICS CERT	id:	ICSA-20-042-05	Trust: 0.6
db:	ICS CERT	id:	ICSA-20-042-03	Trust: 0.6
db:	ICS CERT	id:	ICSA-20-042-04	Trust: 0.6
db:	ICS CERT	id:	ICSA-20-042-09	Trust: 0.6
db:	ICS CERT	id:	ICSA-20-042-02	Trust: 0.6
db:	ICS CERT	id:	ICSA-20-042-01	Trust: 0.6
db:	ICS CERT	id:	ICSA-20-042-10	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.0486	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.0486.2	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.0486.3	Trust: 0.6
db:	IVD	id:	F4962B74-9C97-44A9-9A1D-5D93CF01F098	Trust: 0.2
db:	VULHUB	id:	VHN-151713	Trust: 0.1
db:	VULMON	id:	CVE-2019-19282	Trust: 0.1

REFERENCES

url:	https://www.us-cert.gov/ics/advisories/icsa-20-042-06	Trust: 2.0
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-19282	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-19282	Trust: 0.8
url:	https://www.us-cert.gov/ics/advisories/icsa-20-042-10	Trust: 0.6
url:	https://www.us-cert.gov/ics/advisories/icsa-20-042-09	Trust: 0.6
url:	https://www.us-cert.gov/ics/advisories/icsa-20-042-08	Trust: 0.6
url:	https://www.us-cert.gov/ics/advisories/icsa-20-042-07	Trust: 0.6
url:	https://www.us-cert.gov/ics/advisories/icsa-20-042-05	Trust: 0.6
url:	https://www.us-cert.gov/ics/advisories/icsa-20-042-04	Trust: 0.6
url:	https://www.us-cert.gov/ics/advisories/icsa-20-042-03	Trust: 0.6
url:	https://www.us-cert.gov/ics/advisories/icsa-20-042-02	Trust: 0.6
url:	https://www.us-cert.gov/ics/advisories/icsa-20-042-01	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0486/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0486.2/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0486.3/	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-20-042-06	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.cisa.gov/uscert/ics/advisories/icsa-20-042-06	Trust: 0.1

sources: CNVD: CNVD-2020-23038 // VULHUB: VHN-151713 // VULMON: CVE-2019-19282 // JVNDB: JVNDB-2019-014892 // CNNVD: CNNVD-202002-592 // NVD: CVE-2019-19282

CREDITS

Nicholas Miles from Tenable reported this vulnerability to Siemens.

Trust: 0.6

sources: CNNVD: CNNVD-202002-592

SOURCES

db:	IVD	id:	f4962b74-9c97-44a9-9a1d-5d93cf01f098
db:	CNVD	id:	CNVD-2020-23038
db:	VULHUB	id:	VHN-151713
db:	VULMON	id:	CVE-2019-19282
db:	JVNDB	id:	JVNDB-2019-014892
db:	CNNVD	id:	CNNVD-202002-592
db:	NVD	id:	CVE-2019-19282

LAST UPDATE DATE

2024-08-14T12:55:53.366000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2020-23038	date:	2020-04-16T00:00:00
db:	VULHUB	id:	VHN-151713	date:	2020-10-19T00:00:00
db:	VULMON	id:	CVE-2019-19282	date:	2022-04-12T00:00:00
db:	JVNDB	id:	JVNDB-2019-014892	date:	2020-03-27T00:00:00
db:	CNNVD	id:	CNNVD-202002-592	date:	2023-04-12T00:00:00
db:	NVD	id:	CVE-2019-19282	date:	2023-04-11T10:15:08.857

SOURCES RELEASE DATE

db:	IVD	id:	f4962b74-9c97-44a9-9a1d-5d93cf01f098	date:	2020-02-11T00:00:00
db:	CNVD	id:	CNVD-2020-23038	date:	2020-04-16T00:00:00
db:	VULHUB	id:	VHN-151713	date:	2020-03-10T00:00:00
db:	VULMON	id:	CVE-2019-19282	date:	2020-03-10T00:00:00
db:	JVNDB	id:	JVNDB-2019-014892	date:	2020-03-26T00:00:00
db:	CNNVD	id:	CNNVD-202002-592	date:	2020-02-11T00:00:00
db:	NVD	id:	CVE-2019-19282	date:	2020-03-10T20:15:18.960