All the vulnerabilites related to Siemens - SIMATIC MV400 family
cve-2019-10926
Vulnerability from cvelistv5
Published
2019-06-12 13:47
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). Communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position. The security vulnerability can be exploited by an attacker in a privileged network position which allows eavesdropping the communication between the affected device and the user. The user must invoke a session. Successful exploitation of the vulnerability compromises confidentiality of the data transmitted.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/108725 | vdb-entry, x_refsource_BID | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf | x_refsource_MISC | |
| https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02 | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Siemens | SIMATIC MV400 family |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:40:15.135Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "108725",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108725"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SIMATIC MV400 family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All Versions \u003c V7.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). Communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position. The security vulnerability can be exploited by an attacker in a privileged network position which allows eavesdropping the communication between the affected device and the user. The user must invoke a session. Successful exploitation of the vulnerability compromises confidentiality of the data transmitted."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319: Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-15T17:03:29",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"name": "108725",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108725"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-10926",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SIMATIC MV400 family",
"version": {
"version_data": [
{
"version_value": "All Versions \u003c V7.0.6"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). Communication with the device is not encrypted. Data transmitted between the device and the user can be obtained by an attacker in a privileged network position. The security vulnerability can be exploited by an attacker in a privileged network position which allows eavesdropping the communication between the affected device and the user. The user must invoke a session. Successful exploitation of the vulnerability compromises confidentiality of the data transmitted."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-319: Cleartext Transmission of Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "108725",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108725"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-10926",
"datePublished": "2019-06-12T13:47:56",
"dateReserved": "2019-04-08T00:00:00",
"dateUpdated": "2024-08-04T22:40:15.135Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10925
Vulnerability from cvelistv5
Published
2019-06-12 13:47
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Valid user credentials, but no user interaction are required. Successful exploitation compromises integrity and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/108725 | vdb-entry, x_refsource_BID | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf | x_refsource_MISC | |
| https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02 | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Siemens | SIMATIC MV400 family |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:40:15.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "108725",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108725"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SIMATIC MV400 family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All Versions \u003c V7.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Valid user credentials, but no user interaction are required. Successful exploitation compromises integrity and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-15T17:03:29",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"name": "108725",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108725"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-10925",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SIMATIC MV400 family",
"version": {
"version_data": [
{
"version_value": "All Versions \u003c V7.0.6"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Valid user credentials, but no user interaction are required. Successful exploitation compromises integrity and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "108725",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108725"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-10925",
"datePublished": "2019-06-12T13:47:56",
"dateReserved": "2019-04-08T00:00:00",
"dateUpdated": "2024-08-04T22:40:15.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-25241
Vulnerability from cvelistv5
Published
2021-03-15 17:03
Modified
2024-08-04 15:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf | x_refsource_MISC |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Siemens | SIMATIC MV400 family |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:33:05.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SIMATIC MV400 family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All Versions \u003c V7.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1285",
"description": "CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-15T17:03:30",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-25241",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SIMATIC MV400 family",
"version": {
"version_data": [
{
"version_value": "All Versions \u003c V7.0.6"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2020-25241",
"datePublished": "2021-03-15T17:03:30",
"dateReserved": "2020-09-10T00:00:00",
"dateUpdated": "2024-08-04T15:33:05.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-202103-0198
Vulnerability from variot
A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions. SIMATIC MV400 The family contains a vulnerability related to array index validation.Service operation interruption (DoS) It may be in a state. Siemens SIMATIC MV400 is an industrial equipment of Germany's Siemens (Siemens) company. Used for optical identification.
An unspecified vulnerability exists in the Siemens SIMATIC MV400 series TCP protocol stack
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202103-0198",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic mv420 sr-p body",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.0.6"
},
{
"model": "simatic mv440 ur",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.0.6"
},
{
"model": "simatic mv420 sr-b",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.0.6"
},
{
"model": "simatic mv420 sr-b body",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.0.6"
},
{
"model": "simatic mv420 sr-p",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.0.6"
},
{
"model": "simatic mv440 sr",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.0.6"
},
{
"model": "simatic mv440 hr",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.0.6"
},
{
"model": "simatic mv420 sr-p body",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic mv440 ur",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic mv440 hr",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic mv440 sr",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic mv420 sr-b body",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic mv420 sr-b",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic mv420 sr-p",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic mv400 family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "7.0.6"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16443"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016315"
},
{
"db": "NVD",
"id": "CVE-2020-25241"
}
]
},
"cve": "CVE-2020-25241",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-25241",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-16443",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-25241",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-25241",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-25241",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2020-25241",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-16443",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202103-685",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16443"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016315"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-685"
},
{
"db": "NVD",
"id": "CVE-2020-25241"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIMATIC MV400 family (All Versions \u003c V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions. SIMATIC MV400 The family contains a vulnerability related to array index validation.Service operation interruption (DoS) It may be in a state. Siemens SIMATIC MV400 is an industrial equipment of Germany\u0027s Siemens (Siemens) company. Used for optical identification. \n\r\n\r\nAn unspecified vulnerability exists in the Siemens SIMATIC MV400 series TCP protocol stack",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-25241"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016315"
},
{
"db": "CNVD",
"id": "CNVD-2021-16443"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-25241",
"trust": 3.8
},
{
"db": "SIEMENS",
"id": "SSA-599268",
"trust": 2.2
},
{
"db": "ICS CERT",
"id": "ICSA-21-068-07",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU93441670",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016315",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-16443",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0852",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202103-685",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16443"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016315"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-685"
},
{
"db": "NVD",
"id": "CVE-2020-25241"
}
]
},
"id": "VAR-202103-0198",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16443"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16443"
}
]
},
"last_update_date": "2024-09-13T22:22:40.457000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-599268",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
},
{
"title": "Siemens SIMATIC MV400 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=144277"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-016315"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-685"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-129",
"trust": 1.0
},
{
"problemtype": "CWE-1285",
"trust": 1.0
},
{
"problemtype": "Improper validation of array indexes (CWE-129) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-016315"
},
{
"db": "NVD",
"id": "CVE-2020-25241"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25241"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu93441670/"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-068-07"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/siemens-simatic-mv400-two-vulnerabilities-via-tcp-stack-34783"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0852"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-07"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16443"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016315"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-685"
},
{
"db": "NVD",
"id": "CVE-2020-25241"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-16443"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016315"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-685"
},
{
"db": "NVD",
"id": "CVE-2020-25241"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-16443"
},
{
"date": "2021-11-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-016315"
},
{
"date": "2021-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-685"
},
{
"date": "2021-03-15T17:15:20.097000",
"db": "NVD",
"id": "CVE-2020-25241"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-16443"
},
{
"date": "2024-09-12T08:23:00",
"db": "JVNDB",
"id": "JVNDB-2020-016315"
},
{
"date": "2021-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-685"
},
{
"date": "2021-03-18T20:04:09.937000",
"db": "NVD",
"id": "CVE-2020-25241"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-685"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SIMATIC\u00a0MV400\u00a0 Vulnerability in sequence index validation in families",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-016315"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-685"
}
],
"trust": 0.6
}
}
var-202103-0210
Vulnerability from variot
In SIMATIC MV400 family versions prior to v7.0.6, the ISN generator is initialized with a constant value and has constant increments. An attacker could predict and hijack TCP sessions. SIMATIC MV400 family Exists in unspecified vulnerabilities.Information may be tampered with. Siemens SIMATIC MV400 is an industrial equipment of Germany's Siemens (Siemens) company. Used for optical identification.
The Siemens SIMATIC MV400 series TCP protocol stack has security vulnerabilities
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202103-0210",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic mv440",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.0.6"
},
{
"model": "simatic mv420",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.0.6"
},
{
"model": "simatic ident mv440 family",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic ident mv420 family",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic mv400 family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "7.0.6"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16442"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016226"
},
{
"db": "NVD",
"id": "CVE-2020-27632"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "and Amine Amri of Forescout Research Labs reported these vulnerabilities to CISA., Stanislav Dashevskyi,Daniel dos Santos, Jos Wetzels",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202102-1076"
}
],
"trust": 0.6
},
"cve": "CVE-2020-27632",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-27632",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2021-16442",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-27632",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-27632",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-27632",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2020-27632",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-16442",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202102-1076",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16442"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016226"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1076"
},
{
"db": "NVD",
"id": "CVE-2020-27632"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In SIMATIC MV400 family versions prior to v7.0.6, the ISN generator is initialized with a constant value and has constant increments. An attacker could predict and hijack TCP sessions. SIMATIC MV400 family Exists in unspecified vulnerabilities.Information may be tampered with. Siemens SIMATIC MV400 is an industrial equipment of Germany\u0027s Siemens (Siemens) company. Used for optical identification. \n\r\n\r\nThe Siemens SIMATIC MV400 series TCP protocol stack has security vulnerabilities",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-27632"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016226"
},
{
"db": "CNVD",
"id": "CNVD-2021-16442"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1076"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-27632",
"trust": 3.8
},
{
"db": "ICS CERT",
"id": "ICSA-21-042-01",
"trust": 2.4
},
{
"db": "SIEMENS",
"id": "SSA-599268",
"trust": 2.2
},
{
"db": "ICS CERT",
"id": "ICSA-21-068-07",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU93441670",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90767599",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016226",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-16442",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0852",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0538",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1076",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16442"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016226"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1076"
},
{
"db": "NVD",
"id": "CVE-2020-27632"
}
]
},
"id": "VAR-202103-0210",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16442"
}
],
"trust": 1.3777778
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16442"
}
]
},
"last_update_date": "2024-09-13T21:52:52.217000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-599268",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
},
{
"title": "Repair measures for security feature vulnerabilities of multiple products",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142809"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-016226"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1076"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-016226"
},
{
"db": "NVD",
"id": "CVE-2020-27632"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599268.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-27632"
},
{
"trust": 1.4,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-042-01"
},
{
"trust": 1.0,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01"
},
{
"trust": 1.0,
"url": "https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90767599/index.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu93441670/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-068-07"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/siemens-simatic-mv400-two-vulnerabilities-via-tcp-stack-34783"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0852"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0538"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-068-07"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-16442"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016226"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1076"
},
{
"db": "NVD",
"id": "CVE-2020-27632"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-16442"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-016226"
},
{
"db": "CNNVD",
"id": "CNNVD-202102-1076"
},
{
"db": "NVD",
"id": "CVE-2020-27632"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-16442"
},
{
"date": "2021-11-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-016226"
},
{
"date": "2021-02-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202102-1076"
},
{
"date": "2021-03-10T18:15:12.797000",
"db": "NVD",
"id": "CVE-2020-27632"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-16442"
},
{
"date": "2024-09-12T07:19:00",
"db": "JVNDB",
"id": "JVNDB-2020-016226"
},
{
"date": "2021-11-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202102-1076"
},
{
"date": "2023-10-10T17:15:10.510000",
"db": "NVD",
"id": "CVE-2020-27632"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202102-1076"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SIMATIC\u00a0MV400\u00a0family\u00a0 Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-016226"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202102-1076"
}
],
"trust": 0.6
}
}