Lucene search

[email protected]CVE-2019-6577

HistoryMay 14, 2019 - 8:29 p.m.

CVE-2019-6577

2019-05-1420:29:04

CWE-79

CWE-80

[email protected]

web.nvd.nist.gov

cve

2019

6577

simatic

hmi

panels

cross-site scripting

xss

security vulnerability

nvd

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.1%

JSON

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known.

Affected configurations

NVD

Node

siemenssimatic_hmi_comfort_panels_firmwareRange<15.1

AND

siemenssimatic_hmi_comfort_panelsMatch-

Node

siemenssimatic_hmi_comfort_outdoor_panels_firmwareRange<15.1

AND

siemenssimatic_hmi_comfort_outdoor_panelsMatch-

Node

siemenssimatic_hmi_ktp_mobile_panels_ktp400f_firmwareRange<15.1

AND

siemenssimatic_hmi_ktp_mobile_panels_ktp400fMatch-

Node

siemenssimatic_hmi_ktp_mobile_panels_ktp700_firmwareRange<15.1

AND

siemenssimatic_hmi_ktp_mobile_panels_ktp700Match-

Node

siemenssimatic_hmi_ktp_mobile_panels_ktp700f_firmwareRange<15.1

AND

siemenssimatic_hmi_ktp_mobile_panels_ktp700fMatch-

Node

siemenssimatic_hmi_ktp_mobile_panels_ktp900_firmwareRange<15.1

AND

siemenssimatic_hmi_ktp_mobile_panels_ktp900Match-

Node

siemenssimatic_hmi_ktp_mobile_panels_ktp900f_firmwareRange<15.1

AND

siemenssimatic_hmi_ktp_mobile_panels_ktp900fMatch-

Node

siemenssimatic_wincc_\(tia_portal\)Range<15.1

siemenssimatic_wincc_runtimeRange<15.1advanced

siemenssimatic_wincc_runtimeRange<15.1professional

Node

siemenssimatic_hmi_tp_firmware

AND

siemenssimatic_hmi_tpMatch-

Node

siemenssimatic_hmi_mp_firmware

AND

siemenssimatic_hmi_mpMatch-

Node

siemenssimatic_hmi_op_firmware

AND

siemenssimatic_hmi_opMatch-

CPENameOperatorVersion
siemens:simatic_hmi_comfort_panels_firmwaresiemens simatic hmi comfort panels firmwarelt15.1

CPE	Name	Operator	Version
siemens:simatic_hmi_comfort_panels_firmware	siemens simatic hmi comfort panels firmware	lt	15.1

CNA Affected

[
  {
    "product": "SIMATIC HMI Comfort Panels 4\" - 22\"",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V15.1 Update 1"
      }
    ]
  },
  {
    "product": "SIMATIC HMI Comfort Outdoor Panels 7\" & 15\"",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V15.1 Update 1"
      }
    ]
  },
  {
    "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V15.1 Update 1"
      }
    ]
  },
  {
    "product": "SIMATIC WinCC Runtime Advanced",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V15.1 Update 1"
      }
    ]
  },
  {
    "product": "SIMATIC WinCC Runtime Professional",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V15.1 Update 1"
      }
    ]
  },
  {
    "product": "SIMATIC WinCC (TIA Portal)",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V15.1 Update 1"
      }
    ]
  },
  {
    "product": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  }
]

References

www.securityfocus.com/bid/108412

cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf

www.us-cert.gov/ics/advisories/ICSA-19-134-09

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.1%

JSON

Related for CVE-2019-6577

cnvd1 prion1 nvd1 cvelist1 ics1