ID

VAR-202009-1545


CVE

CVE-2020-14509


TITLE

CodeMeter  Vulnerability in accessing buffers with improper length values in

Trust: 0.8

sources: JVNDB: JVNDB-2020-011219

DESCRIPTION

Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prior to 7.10) where the packet parser mechanism does not verify length fields. An attacker could send specially crafted packets to exploit these vulnerabilities. CodeMeter There is a vulnerability in accessing the buffer with an improper length value.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Siemens SIMATIC WinCC OA (Open Architecture) is a set of SCADA system of Siemens (Siemens), Germany, and it is also an integral part of HMI series. The system is mainly suitable for industries such as rail transit, building automation and public power supply. Information Server is used to report and visualize the process data stored in the Process Historian. SINEC INS is a web-based application that combines various network services in one tool. SPPA-S2000 simulates the automation component (S7) of the nuclear DCS system SPPA-T2000. SPPA-S3000 simulates the automation components of DCS system SPPA-T3000. SPPA-T3000 is a distributed control system, mainly used in fossil and large renewable energy power plants. Many Siemens products have memory corruption vulnerabilities

Trust: 2.25

sources: NVD: CVE-2020-14509 // JVNDB: JVNDB-2020-011219 // CNVD: CNVD-2020-51245 // VULMON: CVE-2020-14509

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-51245

AFFECTED PRODUCTS

vendor:wibumodel:codemeterscope:ltversion:7.10

Trust: 1.0

vendor:wibumodel:codemeterscope:eqversion:7.10

Trust: 0.8

vendor:wibumodel:codemeterscope:eqversion: -

Trust: 0.8

vendor:siemensmodel:information server sp1scope:lteversion:<=2019

Trust: 0.6

vendor:siemensmodel:simatic wincc oascope:eqversion:3.17

Trust: 0.6

vendor:siemensmodel:sinec insscope: - version: -

Trust: 0.6

vendor:siemensmodel:sppa-s2000scope:eqversion:3.04

Trust: 0.6

vendor:siemensmodel:sppa-s2000scope:eqversion:3.06

Trust: 0.6

vendor:siemensmodel:sppa-t3000 r8.2 sp2scope: - version: -

Trust: 0.6

vendor:siemensmodel:sppa-s3000scope:eqversion:3.05

Trust: 0.6

sources: CNVD: CNVD-2020-51245 // JVNDB: JVNDB-2020-011219 // NVD: CVE-2020-14509

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-14509
value: CRITICAL

Trust: 1.0

NVD: CVE-2020-14509
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2020-51245
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202009-491
value: CRITICAL

Trust: 0.6

VULMON: CVE-2020-14509
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-14509
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2020-51245
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-14509
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2020-14509
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-51245 // VULMON: CVE-2020-14509 // JVNDB: JVNDB-2020-011219 // CNNVD: CNNVD-202009-491 // NVD: CVE-2020-14509

PROBLEMTYPE DATA

problemtype:CWE-805

Trust: 1.0

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:Accessing the buffer with improper length values (CWE-805) [ Other ]

Trust: 0.8

sources: JVNDB: JVNDB-2020-011219 // NVD: CVE-2020-14509

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202009-491

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202009-491

PATCH

title:CodeMeterurl:https://www.wibu.com/products/codemeter.html

Trust: 0.8

title:Patch for Memory corruption vulnerabilities in many Siemens productsurl:https://www.cnvd.org.cn/patchInfo/show/233335

Trust: 0.6

title:ARC and MATIO Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=127912

Trust: 0.6

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=6161645a91c3d669954a802b5a5a2baf

Trust: 0.1

title:Threatposturl:https://threatpost.com/severe-industrial-bugs-takeover-critical-systems/159068/

Trust: 0.1

sources: CNVD: CNVD-2020-51245 // VULMON: CVE-2020-14509 // JVNDB: JVNDB-2020-011219 // CNNVD: CNNVD-202009-491

EXTERNAL IDS

db:NVDid:CVE-2020-14509

Trust: 3.9

db:ICS CERTid:ICSA-20-203-01

Trust: 2.5

db:JVNid:JVNVU90770748

Trust: 0.8

db:JVNid:JVNVU94568336

Trust: 0.8

db:JVNDBid:JVNDB-2020-011219

Trust: 0.8

db:SIEMENSid:SSA-455843

Trust: 0.6

db:CNVDid:CNVD-2020-51245

Trust: 0.6

db:AUSCERTid:ESB-2020.3076.2

Trust: 0.6

db:AUSCERTid:ESB-2020.3076.3

Trust: 0.6

db:AUSCERTid:ESB-2020.3076

Trust: 0.6

db:CS-HELPid:SB2022021806

Trust: 0.6

db:CNNVDid:CNNVD-202009-491

Trust: 0.6

db:VULMONid:CVE-2020-14509

Trust: 0.1

sources: CNVD: CNVD-2020-51245 // VULMON: CVE-2020-14509 // JVNDB: JVNDB-2020-011219 // CNNVD: CNNVD-202009-491 // NVD: CVE-2020-14509

REFERENCES

url:https://us-cert.cisa.gov/ics/advisories/icsa-20-203-01

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-14509

Trust: 1.4

url:https://jvn.jp/vu/jvnvu94568336/

Trust: 0.8

url:https://jvn.jp/vu/jvnvu90770748/

Trust: 0.8

url:https://cert-portal.siemens.com/productcert/pdf/ssa-455843.pdf

Trust: 0.6

url:https://vigilance.fr/vulnerability/siemens-simatic-six-vulnerabilities-via-wibu-systems-codemeter-runtime-33282

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022021806

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3076.2/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3076.3/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3076/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/805.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/187940

Trust: 0.1

url:https://threatpost.com/severe-industrial-bugs-takeover-critical-systems/159068/

Trust: 0.1

sources: CNVD: CNVD-2020-51245 // VULMON: CVE-2020-14509 // JVNDB: JVNDB-2020-011219 // CNNVD: CNNVD-202009-491 // NVD: CVE-2020-14509

SOURCES

db:CNVDid:CNVD-2020-51245
db:VULMONid:CVE-2020-14509
db:JVNDBid:JVNDB-2020-011219
db:CNNVDid:CNNVD-202009-491
db:NVDid:CVE-2020-14509

LAST UPDATE DATE

2024-08-14T12:06:47.116000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2020-51245date:2020-09-10T00:00:00
db:VULMONid:CVE-2020-14509date:2020-09-22T00:00:00
db:JVNDBid:JVNDB-2020-011219date:2022-03-15T05:02:00
db:CNNVDid:CNNVD-202009-491date:2022-02-21T00:00:00
db:NVDid:CVE-2020-14509date:2021-11-04T18:22:07.627

SOURCES RELEASE DATE

db:CNVDid:CNVD-2020-51245date:2020-09-10T00:00:00
db:VULMONid:CVE-2020-14509date:2020-09-16T00:00:00
db:JVNDBid:JVNDB-2020-011219date:2021-03-24T00:00:00
db:CNNVDid:CNNVD-202009-491date:2020-09-08T00:00:00
db:NVDid:CVE-2020-14509date:2020-09-16T20:15:13.380