All the vulnerabilites related to Siemens - SIMIT Simulation Platform
cve-2025-30033
Vulnerability from cvelistv5
Published
2025-08-12 11:16
Modified
2025-08-12 20:10
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30033",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-12T20:10:10.615077Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T20:10:30.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Automation License Manager V6.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Automation License Manager V6.2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.2 Upd3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "CEMAT V10.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "CP PtP Param configuring interface",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Create MyConfig (CMC)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Energy Support Library (EnSL)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "FM Configuration Package",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Modular PID CTRL Tool",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "MultiFieldbus Configuration Tool\u00a0(MFCT)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "OpenPCS 7 V10.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "OpenPCS 7 V9.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Siemens Network Planner (SINETPLAN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Automation Tool",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Automation Tool SDK Windows",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC BATCH V10.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC BATCH V9.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Control Function Library (CFL) V1.0.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Control Function Library (CFL) V2.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Control Function Library (CFL) V3.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Control Function Library (CFL) V4.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC\u00a0D7-SYS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC eaSie Core Package",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC eaSie Document Skills",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC eaSie PCS 7 Skill Package",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC eaSie Workflow Skills",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Energy Suite V17",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Energy Suite V18",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Energy Suite V19",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Logon V1.6",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Logon V2.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Management Agent",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Management Console",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC MTP CREATOR\u00a0V2.x",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC MTP CREATOR V3.x",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC MTP CREATOR V4.x",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC MTP CREATOR\u00a0V5.x",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC MTP Integrator V1.x",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC MTP Integrator V2.x",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC NET PC Software V16",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC NET PC Software V17",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC NET PC Software V18",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC NET PC Software V19",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC NET PC Software V20",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V20.0 Update 1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ODK 1500S",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 Advanced Process Faceplates V9.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 Advanced Process Functions V2.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 Advanced Process Functions V2.2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 Advanced Process Graphics V10.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 Advanced Process Graphics V9.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 Advanced Process Library incl. Faceplates V10.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 Advanced Process Library V9.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 Basis Faceplates V9.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 Basis Library V10.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 Basis Library V9.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 Industry Library V10.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 Industry Library V9.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 Industry Library V9.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 Logic Matrix V10.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 Logic Matrix V9.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 MPC Configurator",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 PowerControl",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 Standard Chemical Library V10.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 Standard Chemical Library V9.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 TeleControl",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 V10.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 V9.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7/OPEN OS V9.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS neo V5.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS neo V6.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.0 SP1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PDM Maintenance Station V5.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PDM V9.2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PDM V9.3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Process Function Library (PFL) V4.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Process Historian 2020",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Process Historian 2022",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Process Historian 2024",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ProSave V17",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ProSave V18",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ProSave V19",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V19 Update 4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC ProSave V20",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Route Control V10.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Route Control V9.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7 F Systems V6.3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7 F Systems V6.4",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 Software Controller V2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 Software Controller V3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-Fail-safe Configuration Tool (S7-FCT)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-PCT",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-PLCSIM Advanced",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.0 Update 1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-PLCSIM V17",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-PLCSIM V18",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-PLCSIM V19",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-PLCSIM V20",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V20 Update 1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Safety Matrix",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC STEP 7 CFC V19",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC STEP 7 CFC V20",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC STEP 7 V5.7",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Target",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC flexible ES",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Runtime Advanced",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Runtime Professional",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Runtime Professional V20",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC TeleControl",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Unified Line Coordination",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Unified PC Runtime V18",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Unified PC Runtime V19",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Unified PC Runtime V20",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Unified Sequence",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC V7.5",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC V8.0",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC V8.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1 Update 3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Visualization Architect (SiVArc) V17",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Visualization Architect (SiVArc) V18",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Visualization Architect (SiVArc) V19",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC Visualization Architect (SiVArc) V20",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMIT Rapid Tester",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMIT Simulation Platform",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS Startdrive V17",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS Startdrive V18",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS Startdrive V19",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS Startdrive V20",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEC NMS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEMA Remote Connect Client",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SITRANS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Standard PID CTRL Tool",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TeleControl Server Basic V3.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1.2.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIA Administrator",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIA Portal Cloud Connector",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIA Portal Test Suite V17",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIA Portal Test Suite V18",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIA Portal Test Suite V19",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIA Portal Test Suite V20",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIA Project-Server",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIA Project-Server V17",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "WinCC Panel Image Setup",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427: Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T11:16:56.565Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-282044.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2025-30033",
"datePublished": "2025-08-12T11:16:56.565Z",
"dateReserved": "2025-03-14T09:05:35.696Z",
"dateUpdated": "2025-08-12T20:10:30.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-202204-0684
Vulnerability from variot
The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined.
This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments. simatic cfu diq firmware, SIMATIC CFU PA firmware, SIMATIC S7-300 CPU Multiple Siemens products such as firmware contain a resource exhaustion vulnerability.Service operation interruption (DoS) It may be in a state. The SIMATIC S7-400 CPU family is designed for process control in industrial environments. The SIMATIC S7-300 CPU family is designed for discrete and continuous control in industrial environments. The SIMATIC S7-1500 CPU family is designed for discrete and continuous control in industrial environments. The SIMATIC Compact Field Unit (SIMATIC CFU) is an intelligent field distributor. The SIMATIC ET 200 interface module is used to connect field devices (IO devices) to the controller via PROFINET. SIMATIC TDC is a multiprocessor automation system for drive, control and technical tasks. SIMATIC WinAC RTX is the SIMATIC software controller for PC-based automation solutions. SIPLUSextreme products are designed for reliable operation under extreme conditions. The SIMIT Simulation Platform allows the simulation of plant setups to predict failures at an early planning stage.
A denial of service vulnerability exists in Siemens PROFINET Stack Integrated on Interniche Stack. A vulnerability has been identified in SIMATIC CFU DIQ (All versions), SIMATIC CFU PA (All versions), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.0.0), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.10), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions), SIMATIC TDC CP51M1 (All versions), SIMATIC TDC CPU555 (All versions), SIMATIC WinAC RTX (All versions), SIMIT Simulation Platform (All versions)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202204-0684",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic s7-300 cpu",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic s7-410 v8",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic s7-400 pn\\/dp v7",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic s7-400h v6",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic tdc cpu555",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic s7-1500 cpu",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0.0"
},
{
"model": "simatic cfu diq",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic winac rtx",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cfu pa",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic tdc cp51m1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simit simulation platform",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic s7-410 v10",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic s7-410 v10",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cfu diq",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-400 pn/dp v7",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-1500 cpu",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-410 v8",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic cfu pa",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-300 cpu",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic tdc cp51m1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic tdc cpu555",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-400h v6",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simit simulation platform",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic winac rtx",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "simatic s7-300 cpu family",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-1500 cpu family",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic tdc cp51m1",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic tdc cpu555",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simit simulation platform",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cfu diq",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cfu pa",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic s7-400 h cpu family",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v6\u003c6.0.10"
},
{
"model": "simatic s7-400 pn/dp cpu family",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v7"
},
{
"model": "simatic s7-410 cpu family",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v8"
},
{
"model": "simatic s7-410 cpu family",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v10"
},
{
"model": "simatic winac rtx",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-28496"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008398"
},
{
"db": "NVD",
"id": "CVE-2022-25622"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens reported this vulnerability to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-2940"
}
],
"trust": 0.6
},
"cve": "CVE-2022-25622",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2022-25622",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-28496",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2022-25622",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "productcert@siemens.com",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2022-25622",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-25622",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-25622",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "productcert@siemens.com",
"id": "CVE-2022-25622",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2022-25622",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2022-28496",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202204-2940",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2022-25622",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-28496"
},
{
"db": "VULMON",
"id": "CVE-2022-25622"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008398"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2940"
},
{
"db": "NVD",
"id": "CVE-2022-25622"
},
{
"db": "NVD",
"id": "CVE-2022-25622"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. \n\nThis could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments. simatic cfu diq firmware, SIMATIC CFU PA firmware, SIMATIC S7-300 CPU Multiple Siemens products such as firmware contain a resource exhaustion vulnerability.Service operation interruption (DoS) It may be in a state. The SIMATIC S7-400 CPU family is designed for process control in industrial environments. The SIMATIC S7-300 CPU family is designed for discrete and continuous control in industrial environments. The SIMATIC S7-1500 CPU family is designed for discrete and continuous control in industrial environments. The SIMATIC Compact Field Unit (SIMATIC CFU) is an intelligent field distributor. The SIMATIC ET 200 interface module is used to connect field devices (IO devices) to the controller via PROFINET. SIMATIC TDC is a multiprocessor automation system for drive, control and technical tasks. SIMATIC WinAC RTX is the SIMATIC software controller for PC-based automation solutions. SIPLUSextreme products are designed for reliable operation under extreme conditions. The SIMIT Simulation Platform allows the simulation of plant setups to predict failures at an early planning stage. \n\r\n\r\nA denial of service vulnerability exists in Siemens PROFINET Stack Integrated on Interniche Stack. A vulnerability has been identified in SIMATIC CFU DIQ (All versions), SIMATIC CFU PA (All versions), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.0.0), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions \u003c V6.0.10), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions), SIMATIC TDC CP51M1 (All versions), SIMATIC TDC CPU555 (All versions), SIMATIC WinAC RTX (All versions), SIMIT Simulation Platform (All versions)",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-25622"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008398"
},
{
"db": "CNVD",
"id": "CNVD-2022-28496"
},
{
"db": "VULMON",
"id": "CVE-2022-25622"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-25622",
"trust": 3.9
},
{
"db": "SIEMENS",
"id": "SSA-446448",
"trust": 3.1
},
{
"db": "ICS CERT",
"id": "ICSA-22-104-06",
"trust": 1.5
},
{
"db": "JVN",
"id": "JVNVU91165555",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008398",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-28496",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1713",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022042008",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2940",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-25622",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-28496"
},
{
"db": "VULMON",
"id": "CVE-2022-25622"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008398"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2940"
},
{
"db": "NVD",
"id": "CVE-2022-25622"
}
]
},
"id": "VAR-202204-0684",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-28496"
}
],
"trust": 1.3449991391666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-28496"
}
]
},
"last_update_date": "2024-08-14T13:42:54.772000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Siemens PROFINET Stack Integrated on Interniche Stack Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/329201"
},
{
"title": "Multiple Siemens SIMATIC Product resource management error vulnerability fixes",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=245481"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-28496"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2940"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.0
},
{
"problemtype": "Resource exhaustion (CWE-400) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-008398"
},
{
"db": "NVD",
"id": "CVE-2022-25622"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-446448.pdf"
},
{
"trust": 1.0,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-446448.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu91165555/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-25622"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-104-06"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/simatic-denial-of-service-via-profinet-interniche-ip-stack-38018"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-104-06"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-25622/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1713"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022042008"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-06"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-28496"
},
{
"db": "VULMON",
"id": "CVE-2022-25622"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008398"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2940"
},
{
"db": "NVD",
"id": "CVE-2022-25622"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-28496"
},
{
"db": "VULMON",
"id": "CVE-2022-25622"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008398"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2940"
},
{
"db": "NVD",
"id": "CVE-2022-25622"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-28496"
},
{
"date": "2022-04-12T00:00:00",
"db": "VULMON",
"id": "CVE-2022-25622"
},
{
"date": "2023-07-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-008398"
},
{
"date": "2022-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-2940"
},
{
"date": "2022-04-12T09:15:14.483000",
"db": "NVD",
"id": "CVE-2022-25622"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-28496"
},
{
"date": "2022-04-22T00:00:00",
"db": "VULMON",
"id": "CVE-2022-25622"
},
{
"date": "2023-07-26T08:25:00",
"db": "JVNDB",
"id": "JVNDB-2022-008398"
},
{
"date": "2023-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-2940"
},
{
"date": "2024-07-09T12:15:05.463000",
"db": "NVD",
"id": "CVE-2022-25622"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-2940"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Resource Exhaustion Vulnerability in Multiple Siemens Products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-008398"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-2940"
}
],
"trust": 0.6
}
}
var-202106-0816
Vulnerability from variot
A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to disclose heap memory contents or crash the CodeMeter Runtime Server. Wibu-Systems CodeMeter Exists in an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be in a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. CodeMeter is a security tool from WIBU in Germany, which provides integrated technology for software developers and smart device companies
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202106-0816",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic process historian",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2020"
},
{
"model": "sicam 230",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic pcs neo",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "3.17"
},
{
"model": "simit simulation platform",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "10.3"
},
{
"model": "simit simulation platform",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "10.0"
},
{
"model": "simatic process historian",
"scope": "gte",
"trust": 1.0,
"vendor": "siemens",
"version": "2019"
},
{
"model": "pss cape",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic information server",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2020"
},
{
"model": "codemeter",
"scope": "lte",
"trust": 1.0,
"vendor": "wibu",
"version": "7.21a"
},
{
"model": "sinec infrastructure network services",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "1.0.1"
},
{
"model": "sinema remote connect server",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"model": "simatic process historian",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2020"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "3.18"
},
{
"model": "simit simulation platform",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "10.3"
},
{
"model": "sinec infrastructure network services",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.0.1.1"
},
{
"model": "simatic information server",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2019"
},
{
"model": "sinema remote connect server",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"model": "codemeter",
"scope": "eq",
"trust": 0.8,
"vendor": "wibu",
"version": null
},
{
"model": "codemeter",
"scope": "eq",
"trust": 0.8,
"vendor": "wibu",
"version": "7.21a"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-002247"
},
{
"db": "NVD",
"id": "CVE-2021-20093"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "reported these vulnerabilities to CISA., Inc.,Tenable",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-1297"
}
],
"trust": 0.6
},
"cve": "CVE-2021-20093",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2021-20093",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-377769",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-20093",
"impactScore": 5.2,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-20093",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-20093",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2021-20093",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202106-1297",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-377769",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-20093",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-377769"
},
{
"db": "VULMON",
"id": "CVE-2021-20093"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002247"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-1297"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "NVD",
"id": "CVE-2021-20093"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions \u003c 7.21a. An unauthenticated remote attacker can exploit this issue to disclose heap memory contents or crash the CodeMeter Runtime Server. Wibu-Systems CodeMeter Exists in an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be in a state. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. CodeMeter is a security tool from WIBU in Germany, which provides integrated technology for software developers and smart device companies",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-20093"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002247"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "VULHUB",
"id": "VHN-377769"
},
{
"db": "VULMON",
"id": "CVE-2021-20093"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-20093",
"trust": 3.4
},
{
"db": "TENABLE",
"id": "TRA-2021-24",
"trust": 2.6
},
{
"db": "ICS CERT",
"id": "ICSA-21-210-02",
"trust": 2.5
},
{
"db": "SIEMENS",
"id": "SSA-675303",
"trust": 1.8
},
{
"db": "JVN",
"id": "JVNVU92598492",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU99583134",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-23-320-03",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002247",
"trust": 0.8
},
{
"db": "CS-HELP",
"id": "SB2021073002",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2575",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202106-1297",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-377769",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-20093",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-377769"
},
{
"db": "VULMON",
"id": "CVE-2021-20093"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002247"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-1297"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "NVD",
"id": "CVE-2021-20093"
}
]
},
"id": "VAR-202106-0816",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-377769"
}
],
"trust": 0.75128434
},
"last_update_date": "2024-08-14T12:10:26.231000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "WIBU-210423-01",
"trust": 0.8,
"url": "https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-210423-01.pdf"
},
{
"title": "Wibu-Systems CodeMeter Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=155294"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=a38962f28ac4b7e355a2146c756f2b6d"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-20093"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002247"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-1297"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.1
},
{
"problemtype": "Out-of-bounds read (CWE-125) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-377769"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002247"
},
{
"db": "NVD",
"id": "CVE-2021-20093"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.tenable.com/security/research/tra-2021-24"
},
{
"trust": 2.5,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-210-02"
},
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-675303.pdf"
},
{
"trust": 1.8,
"url": "https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/advisory_wibu-210423-01.pdf"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu99583134/index.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92598492/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20093"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-03"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/wibu-systems-codemeter-buffer-overflow-35870"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2575"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021073002"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-675303.txt"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-377769"
},
{
"db": "VULMON",
"id": "CVE-2021-20093"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002247"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-1297"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "NVD",
"id": "CVE-2021-20093"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-377769"
},
{
"db": "VULMON",
"id": "CVE-2021-20093"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-002247"
},
{
"db": "CNNVD",
"id": "CNNVD-202106-1297"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "NVD",
"id": "CVE-2021-20093"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-16T00:00:00",
"db": "VULHUB",
"id": "VHN-377769"
},
{
"date": "2021-06-16T00:00:00",
"db": "VULMON",
"id": "CVE-2021-20093"
},
{
"date": "2021-08-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-002247"
},
{
"date": "2021-06-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-1297"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-06-16T12:15:12.037000",
"db": "NVD",
"id": "CVE-2021-20093"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-06T00:00:00",
"db": "VULHUB",
"id": "VHN-377769"
},
{
"date": "2021-07-13T00:00:00",
"db": "VULMON",
"id": "CVE-2021-20093"
},
{
"date": "2023-11-21T01:44:00",
"db": "JVNDB",
"id": "JVNDB-2021-002247"
},
{
"date": "2021-08-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202106-1297"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2022-10-06T17:43:33.530000",
"db": "NVD",
"id": "CVE-2021-20093"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-1297"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wibu-Systems\u00a0CodeMeter\u00a0 Out-of-bounds read vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-002247"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202106-1297"
}
],
"trust": 0.6
}
}
var-202009-0303
Vulnerability from variot
CodeMeter (All versions prior to 6.90 when using CmActLicense update files with CmActLicense Firm Code) has an issue in the license-file signature checking mechanism, which allows attackers to build arbitrary license files, including forging a valid license file as if it were a valid license file of an existing vendor. Only CmActLicense update files with CmActLicense Firm Code are affected. CodeMeter Exists in a digital signature validation vulnerability.Information may be tampered with. Siemens SINEMA Remote Connect is a set of remote network management platform of German Siemens (Siemens) company. The SIMIT Simluation Platform allows simulation of factory settings to predict failures in the early planning stage. SINEC INS is a web-based application that combines various network services in one tool.
Many Siemens products have security vulnerabilities
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202009-0303",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "codemeter",
"scope": "lt",
"trust": 1.0,
"vendor": "wibu",
"version": "6.90"
},
{
"model": "codemeter",
"scope": null,
"trust": 0.8,
"vendor": "wibu",
"version": null
},
{
"model": "codemeter",
"scope": "eq",
"trust": 0.8,
"vendor": "wibu",
"version": null
},
{
"model": "codemeter",
"scope": "eq",
"trust": 0.8,
"vendor": "wibu",
"version": "6.90"
},
{
"model": "process historian",
"scope": "lte",
"trust": 0.6,
"vendor": "siemens",
"version": "\u003c=2019"
},
{
"model": "simatic pcs neo",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simit simulation platform",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinema remote connect",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-51243"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011221"
},
{
"db": "NVD",
"id": "CVE-2020-14515"
}
]
},
"cve": "CVE-2020-14515",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-14515",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.9,
"id": "CNVD-2020-51243",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:N/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-14515",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-14515",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14515",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2020-14515",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-51243",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202009-488",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-51243"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011221"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-488"
},
{
"db": "NVD",
"id": "CVE-2020-14515"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CodeMeter (All versions prior to 6.90 when using CmActLicense update files with CmActLicense Firm Code) has an issue in the license-file signature checking mechanism, which allows attackers to build arbitrary license files, including forging a valid license file as if it were a valid license file of an existing vendor. Only CmActLicense update files with CmActLicense Firm Code are affected. CodeMeter Exists in a digital signature validation vulnerability.Information may be tampered with. Siemens SINEMA Remote Connect is a set of remote network management platform of German Siemens (Siemens) company. The SIMIT Simluation Platform allows simulation of factory settings to predict failures in the early planning stage. SINEC INS is a web-based application that combines various network services in one tool. \n\r\n\r\nMany Siemens products have security vulnerabilities",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14515"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011221"
},
{
"db": "CNVD",
"id": "CNVD-2020-51243"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14515",
"trust": 3.8
},
{
"db": "ICS CERT",
"id": "ICSA-20-203-01",
"trust": 2.4
},
{
"db": "JVN",
"id": "JVNVU90770748",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94568336",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011221",
"trust": 0.8
},
{
"db": "SIEMENS",
"id": "SSA-455843",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-51243",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3076.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3076.3",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3076",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022021806",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202009-488",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-51243"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011221"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-488"
},
{
"db": "NVD",
"id": "CVE-2020-14515"
}
]
},
"id": "VAR-202009-0303",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-51243"
}
],
"trust": 1.3255275260000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-51243"
}
]
},
"last_update_date": "2024-08-14T12:13:46.480000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CodeMeter",
"trust": 0.8,
"url": "https://www.wibu.com/products/codemeter.html"
},
{
"title": "Patch for Improper password signature verification vulnerabilities in many Siemens products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/233341"
},
{
"title": "Wibu-Systems AG CodeMeter Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=127909"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-51243"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011221"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-488"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-347",
"trust": 1.0
},
{
"problemtype": "Improper verification of digital signatures (CWE-347) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011221"
},
{
"db": "NVD",
"id": "CVE-2020-14515"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-203-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14515"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu94568336/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu90770748/"
},
{
"trust": 0.6,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-455843.pdf"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/siemens-simatic-six-vulnerabilities-via-wibu-systems-codemeter-runtime-33282"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022021806"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3076.2/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3076.3/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3076/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-51243"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011221"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-488"
},
{
"db": "NVD",
"id": "CVE-2020-14515"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-51243"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011221"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-488"
},
{
"db": "NVD",
"id": "CVE-2020-14515"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-51243"
},
{
"date": "2021-03-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-011221"
},
{
"date": "2020-09-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-488"
},
{
"date": "2020-09-16T20:15:13.567000",
"db": "NVD",
"id": "CVE-2020-14515"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-51243"
},
{
"date": "2022-03-15T05:07:00",
"db": "JVNDB",
"id": "JVNDB-2020-011221"
},
{
"date": "2022-02-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-488"
},
{
"date": "2020-09-22T17:56:46.080000",
"db": "NVD",
"id": "CVE-2020-14515"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-488"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CodeMeter\u00a0 Digital Signature Verification Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011221"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "data forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-488"
}
],
"trust": 0.6
}
}
var-202009-0319
Vulnerability from variot
CodeMeter (All versions prior to 6.81) and the software using it may crash while processing a specifically crafted license file due to unverified length fields. CodeMeter Is vulnerable to input validation.Denial of service (DoS) It may be put into a state. SPPA-S2000 simulates the automation component (S7) of the nuclear DCS system SPPA-T2000. SPPA-S3000 simulates the automation components of DCS system SPPA-T3000. SPPA-T3000 is a distributed control system, mainly used in fossil and large renewable energy power plants.
Many Siemens products have security vulnerabilities. Attackers can use vulnerabilities to crash software
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202009-0319",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "codemeter",
"scope": "lt",
"trust": 1.0,
"vendor": "wibu",
"version": "6.81"
},
{
"model": "codemeter",
"scope": null,
"trust": 0.8,
"vendor": "wibu",
"version": null
},
{
"model": "codemeter",
"scope": "eq",
"trust": 0.8,
"vendor": "wibu",
"version": null
},
{
"model": "codemeter",
"scope": "eq",
"trust": 0.8,
"vendor": "wibu",
"version": "6.81"
},
{
"model": "sppa-s2000",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "3.04"
},
{
"model": "sppa-s2000",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "3.06"
},
{
"model": "sppa-t3000 r8.2 sp2",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sppa-s3000",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "3.05"
},
{
"model": "process historian",
"scope": "lte",
"trust": 0.6,
"vendor": "siemens",
"version": "\u003c=2019"
},
{
"model": "simatic pcs neo",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simit simulation platform",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinema remote connect",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-51244"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011220"
},
{
"db": "NVD",
"id": "CVE-2020-14513"
}
]
},
"cve": "CVE-2020-14513",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-14513",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-51244",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-14513",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2020-14513",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-14513",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2020-14513",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-51244",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202009-483",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-51244"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011220"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-483"
},
{
"db": "NVD",
"id": "CVE-2020-14513"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CodeMeter (All versions prior to 6.81) and the software using it may crash while processing a specifically crafted license file due to unverified length fields. CodeMeter Is vulnerable to input validation.Denial of service (DoS) It may be put into a state. SPPA-S2000 simulates the automation component (S7) of the nuclear DCS system SPPA-T2000. SPPA-S3000 simulates the automation components of DCS system SPPA-T3000. SPPA-T3000 is a distributed control system, mainly used in fossil and large renewable energy power plants. \n\r\n\r\nMany Siemens products have security vulnerabilities. Attackers can use vulnerabilities to crash software",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-14513"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011220"
},
{
"db": "CNVD",
"id": "CNVD-2020-51244"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-14513",
"trust": 3.8
},
{
"db": "ICS CERT",
"id": "ICSA-20-203-01",
"trust": 2.4
},
{
"db": "JVN",
"id": "JVNVU90770748",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU94568336",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011220",
"trust": 0.8
},
{
"db": "SIEMENS",
"id": "SSA-455843",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2020-51244",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3076.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3076.3",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3076",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022021806",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202009-483",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-51244"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011220"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-483"
},
{
"db": "NVD",
"id": "CVE-2020-14513"
}
]
},
"id": "VAR-202009-0319",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-51244"
}
],
"trust": 1.42845470375
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-51244"
}
]
},
"last_update_date": "2024-08-14T12:07:58.731000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CodeMeter",
"trust": 0.8,
"url": "https://www.wibu.com/products/codemeter.html"
},
{
"title": "Patch for Improper input verification vulnerabilities in multiple Siemens products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/233338"
},
{
"title": "ARC Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=127904"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-51244"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011220"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-483"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.0
},
{
"problemtype": "Incorrect input confirmation (CWE-20) [ Other ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011220"
},
{
"db": "NVD",
"id": "CVE-2020-14513"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-203-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14513"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu94568336/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu90770748/"
},
{
"trust": 0.6,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-455843.pdf"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/siemens-simatic-six-vulnerabilities-via-wibu-systems-codemeter-runtime-33282"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022021806"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3076.2/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3076.3/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3076/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-51244"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011220"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-483"
},
{
"db": "NVD",
"id": "CVE-2020-14513"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-51244"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-011220"
},
{
"db": "CNNVD",
"id": "CNNVD-202009-483"
},
{
"db": "NVD",
"id": "CVE-2020-14513"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-51244"
},
{
"date": "2021-03-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-011220"
},
{
"date": "2020-09-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-483"
},
{
"date": "2020-09-16T20:15:13.473000",
"db": "NVD",
"id": "CVE-2020-14513"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-09-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-51244"
},
{
"date": "2022-03-15T05:04:00",
"db": "JVNDB",
"id": "JVNDB-2020-011220"
},
{
"date": "2022-02-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202009-483"
},
{
"date": "2020-09-22T17:47:12.067000",
"db": "NVD",
"id": "CVE-2020-14513"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-483"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CodeMeter\u00a0 Input confirmation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-011220"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202009-483"
}
],
"trust": 0.6
}
}
var-202309-0672
Vulnerability from variot
A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system. Wibu-Systems AG of CodeMeter Runtime Products from multiple vendors, such as the following, contain out-of-bounds write vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. PSS(R)CAPE is a transmission and distribution network protection simulation software. PSS(R)E is a power system simulation and analysis tool for transmission operation and planning. PSS(R)ODMS is a CIM-based network model management tool with network analysis capabilities for planning and operational planning of transmission utilities. SIMATIC PCS neo is a distributed control system (DCS). SIMATIC WinCC Open Architecture (OA) is part of the SIMATIC HMI family. It is designed for applications requiring a high degree of customer-specific adaptability, large or complex applications, and projects that impose specific system requirements or functionality. SIMIT Simulation Platform allows simulating factory settings to predict failures at an early planning stage. SINEC INS (Infrastructure Network Services) is a web-based application that combines various network services in one tool. SINEMA Remote Connect is a management platform for remote networks that allows simple management of tunnel connections (VPN) between headquarters, service technicians and installed machines or plants.
Siemens Industrial product WIBU system CodeMeter has a heap buffer overflow vulnerability, which is caused by failure to perform correct boundary checks. An attacker could exploit this vulnerability to cause a buffer overflow and execute arbitrary code on the system
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202309-0672",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "oseon",
"scope": "lte",
"trust": 1.0,
"vendor": "trumpf",
"version": "3.0.22"
},
{
"model": "tubedesign",
"scope": "lte",
"trust": 1.0,
"vendor": "trumpf",
"version": "14.06.150"
},
{
"model": "programmingtube",
"scope": "lte",
"trust": 1.0,
"vendor": "trumpf",
"version": "4.6.3"
},
{
"model": "trutopsfab",
"scope": "gte",
"trust": 1.0,
"vendor": "trumpf",
"version": "15.00.23.00"
},
{
"model": "teczonebend",
"scope": "lte",
"trust": 1.0,
"vendor": "trumpf",
"version": "23.06.01"
},
{
"model": "trutopsweld",
"scope": "lte",
"trust": 1.0,
"vendor": "trumpf",
"version": "9.0.28148.1"
},
{
"model": "trutops cell sw48",
"scope": "lte",
"trust": 1.0,
"vendor": "trumpf",
"version": "02.26.0"
},
{
"model": "trutopsprint",
"scope": "lte",
"trust": 1.0,
"vendor": "trumpf",
"version": "01.00"
},
{
"model": "trutops",
"scope": "gte",
"trust": 1.0,
"vendor": "trumpf",
"version": "08.00"
},
{
"model": "e-mobility charging suite",
"scope": "lte",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": "1.7.0"
},
{
"model": "module type package designer",
"scope": "lt",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": "1.2.0"
},
{
"model": "trutopsfab",
"scope": "lte",
"trust": 1.0,
"vendor": "trumpf",
"version": "22.8.25"
},
{
"model": "trutopsfab storage smallstore",
"scope": "gte",
"trust": 1.0,
"vendor": "trumpf",
"version": "14.06.20"
},
{
"model": "activation wizard",
"scope": "lte",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": "1.6"
},
{
"model": "trutops",
"scope": "lte",
"trust": 1.0,
"vendor": "trumpf",
"version": "12.01.00.00"
},
{
"model": "tubedesign",
"scope": "gte",
"trust": 1.0,
"vendor": "trumpf",
"version": "08.00"
},
{
"model": "iol-conf",
"scope": "lte",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": "1.7.0"
},
{
"model": "trutopsboost",
"scope": "gte",
"trust": 1.0,
"vendor": "trumpf",
"version": "06.00.23.00"
},
{
"model": "topscalculation",
"scope": "lte",
"trust": 1.0,
"vendor": "trumpf",
"version": "22.00.00"
},
{
"model": "trutopsprint",
"scope": "gte",
"trust": 1.0,
"vendor": "trumpf",
"version": "00.06.00"
},
{
"model": "trutops cell classic",
"scope": "lte",
"trust": 1.0,
"vendor": "trumpf",
"version": "09.09.02"
},
{
"model": "programmingtube",
"scope": "gte",
"trust": 1.0,
"vendor": "trumpf",
"version": "1.0.1"
},
{
"model": "trutopsboost",
"scope": "lte",
"trust": 1.0,
"vendor": "trumpf",
"version": "16.0.22"
},
{
"model": "fl network manager",
"scope": "lte",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": "7.0"
},
{
"model": "teczonebend",
"scope": "gte",
"trust": 1.0,
"vendor": "trumpf",
"version": "18.02.r8"
},
{
"model": "trutops mark 3d",
"scope": "lte",
"trust": 1.0,
"vendor": "trumpf",
"version": "06.01"
},
{
"model": "codemeter runtime",
"scope": "lt",
"trust": 1.0,
"vendor": "wibu",
"version": "7.60c"
},
{
"model": "trutopsprintmultilaserassistant",
"scope": "gte",
"trust": 1.0,
"vendor": "trumpf",
"version": "01.02"
},
{
"model": "trumpflicenseexpert",
"scope": "gte",
"trust": 1.0,
"vendor": "trumpf",
"version": "1.5.2"
},
{
"model": "trutops mark 3d",
"scope": "gte",
"trust": 1.0,
"vendor": "trumpf",
"version": "01.00"
},
{
"model": "module type package designer",
"scope": "eq",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": "1.2.0"
},
{
"model": "plcnext engineer",
"scope": "lte",
"trust": 1.0,
"vendor": "phoenixcontact",
"version": "2023.6"
},
{
"model": "trumpflicenseexpert",
"scope": "lte",
"trust": 1.0,
"vendor": "trumpf",
"version": "1.11.1"
},
{
"model": "trutopsweld",
"scope": "gte",
"trust": 1.0,
"vendor": "trumpf",
"version": "7.0.198.241"
},
{
"model": "trutops cell sw48",
"scope": "gte",
"trust": 1.0,
"vendor": "trumpf",
"version": "01.00"
},
{
"model": "tops unfold",
"scope": "eq",
"trust": 1.0,
"vendor": "trumpf",
"version": "05.03.00.00"
},
{
"model": "oseon",
"scope": "gte",
"trust": 1.0,
"vendor": "trumpf",
"version": "1.0.0"
},
{
"model": "topscalculation",
"scope": "gte",
"trust": 1.0,
"vendor": "trumpf",
"version": "14.00"
},
{
"model": "trutopsfab storage smallstore",
"scope": "lte",
"trust": 1.0,
"vendor": "trumpf",
"version": "20.04.20.00"
},
{
"model": "trutopsweld",
"scope": null,
"trust": 0.8,
"vendor": "trumpf",
"version": null
},
{
"model": "programmingtube",
"scope": null,
"trust": 0.8,
"vendor": "trumpf",
"version": null
},
{
"model": "codemeter runtime",
"scope": null,
"trust": 0.8,
"vendor": "wibu",
"version": null
},
{
"model": "trutopsboost",
"scope": null,
"trust": 0.8,
"vendor": "trumpf",
"version": null
},
{
"model": "trutopsprintmultilaserassistant",
"scope": null,
"trust": 0.8,
"vendor": "trumpf",
"version": null
},
{
"model": "trutopsprint",
"scope": null,
"trust": 0.8,
"vendor": "trumpf",
"version": null
},
{
"model": "oseon",
"scope": null,
"trust": 0.8,
"vendor": "trumpf",
"version": null
},
{
"model": "trutops cell sw48",
"scope": null,
"trust": 0.8,
"vendor": "trumpf",
"version": null
},
{
"model": "trutopsfab",
"scope": null,
"trust": 0.8,
"vendor": "trumpf",
"version": null
},
{
"model": "tops unfold",
"scope": null,
"trust": 0.8,
"vendor": "trumpf",
"version": null
},
{
"model": "trutops mark 3d",
"scope": null,
"trust": 0.8,
"vendor": "trumpf",
"version": null
},
{
"model": "trutopsfab storage smallstore",
"scope": null,
"trust": 0.8,
"vendor": "trumpf",
"version": null
},
{
"model": "tubedesign",
"scope": null,
"trust": 0.8,
"vendor": "trumpf",
"version": null
},
{
"model": "trutops",
"scope": null,
"trust": 0.8,
"vendor": "trumpf",
"version": null
},
{
"model": "trumpflicenseexpert",
"scope": null,
"trust": 0.8,
"vendor": "trumpf",
"version": null
},
{
"model": "topscalculation",
"scope": null,
"trust": 0.8,
"vendor": "trumpf",
"version": null
},
{
"model": "teczonebend",
"scope": null,
"trust": 0.8,
"vendor": "trumpf",
"version": null
},
{
"model": "trutops cell classic",
"scope": null,
"trust": 0.8,
"vendor": "trumpf",
"version": null
},
{
"model": "sinec ins",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simit simulation platform",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "sinema remote connect",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v3.17"
},
{
"model": "simatic wincc oa",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v3.18"
},
{
"model": "pss cape",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v14\u003cv14.2023-08-23"
},
{
"model": "pss cape",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v15\u003cv15.0.22"
},
{
"model": "pss e",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v34\u003cv34.9.6"
},
{
"model": "pss odms",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v13.0"
},
{
"model": "pss odms",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v13.1\u003cv13.1.12.1"
},
{
"model": "simatic pcs neo",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v3"
},
{
"model": "simatic pcs neo",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v4"
},
{
"model": "simatic wincc oa p006",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v3.19\u003cv3.19"
},
{
"model": "pss e",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "v35"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-69811"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-012536"
},
{
"db": "NVD",
"id": "CVE-2023-3935"
}
]
},
"cve": "CVE-2023-3935",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2023-69811",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "info@cert.vde.com",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2023-3935",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2023-012536",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "info@cert.vde.com",
"id": "CVE-2023-3935",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-3935",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "OTHER",
"id": "JVNDB-2023-012536",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2023-69811",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-69811"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-012536"
},
{
"db": "NVD",
"id": "CVE-2023-3935"
},
{
"db": "NVD",
"id": "CVE-2023-3935"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system. Wibu-Systems AG of CodeMeter Runtime Products from multiple vendors, such as the following, contain out-of-bounds write vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. PSS(R)CAPE is a transmission and distribution network protection simulation software. PSS(R)E is a power system simulation and analysis tool for transmission operation and planning. PSS(R)ODMS is a CIM-based network model management tool with network analysis capabilities for planning and operational planning of transmission utilities. SIMATIC PCS neo is a distributed control system (DCS). SIMATIC WinCC Open Architecture (OA) is part of the SIMATIC HMI family. It is designed for applications requiring a high degree of customer-specific adaptability, large or complex applications, and projects that impose specific system requirements or functionality. SIMIT Simulation Platform allows simulating factory settings to predict failures at an early planning stage. SINEC INS (Infrastructure Network Services) is a web-based application that combines various network services in one tool. SINEMA Remote Connect is a management platform for remote networks that allows simple management of tunnel connections (VPN) between headquarters, service technicians and installed machines or plants. \n\r\n\r\nSiemens Industrial product WIBU system CodeMeter has a heap buffer overflow vulnerability, which is caused by failure to perform correct boundary checks. An attacker could exploit this vulnerability to cause a buffer overflow and execute arbitrary code on the system",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-3935"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-012536"
},
{
"db": "CNVD",
"id": "CNVD-2023-69811"
},
{
"db": "VULMON",
"id": "CVE-2023-3935"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-3935",
"trust": 3.3
},
{
"db": "CERT@VDE",
"id": "VDE-2023-031",
"trust": 1.9
},
{
"db": "CERT@VDE",
"id": "VDE-2023-030",
"trust": 1.8
},
{
"db": "JVN",
"id": "JVNVU92598492",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU92008538",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU98137233",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-24-004-01",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-23-320-03",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-23-257-06",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2023-012536",
"trust": 0.8
},
{
"db": "SIEMENS",
"id": "SSA-240541",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2023-69811",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-3935",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-69811"
},
{
"db": "VULMON",
"id": "CVE-2023-3935"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-012536"
},
{
"db": "NVD",
"id": "CVE-2023-3935"
}
]
},
"id": "VAR-202309-0672",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-69811"
}
],
"trust": 1.1685151266666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-69811"
}
]
},
"last_update_date": "2024-08-14T12:13:07.282000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Siemens Industrial product WIBU system CodeMeter heap buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/460931"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-69811"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
},
{
"problemtype": "Out-of-bounds writing (CWE-787) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-012536"
},
{
"db": "NVD",
"id": "CVE-2023-3935"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/advisorywibu-230704-01-v3.0.pdf"
},
{
"trust": 1.9,
"url": "https://cert.vde.com/en/advisories/vde-2023-031/"
},
{
"trust": 1.8,
"url": "https://cert.vde.com/en/advisories/vde-2023-030/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu98137233/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92598492/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92008538/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-3935"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-257-06"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-03"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-004-01"
},
{
"trust": 0.6,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-240541.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-69811"
},
{
"db": "VULMON",
"id": "CVE-2023-3935"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-012536"
},
{
"db": "NVD",
"id": "CVE-2023-3935"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-69811"
},
{
"db": "VULMON",
"id": "CVE-2023-3935"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-012536"
},
{
"db": "NVD",
"id": "CVE-2023-3935"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-09-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-69811"
},
{
"date": "2023-09-13T00:00:00",
"db": "VULMON",
"id": "CVE-2023-3935"
},
{
"date": "2023-12-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-012536"
},
{
"date": "2023-09-13T14:15:09.147000",
"db": "NVD",
"id": "CVE-2023-3935"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-09-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-69811"
},
{
"date": "2023-09-13T00:00:00",
"db": "VULMON",
"id": "CVE-2023-3935"
},
{
"date": "2024-01-09T02:47:00",
"db": "JVNDB",
"id": "JVNDB-2023-012536"
},
{
"date": "2024-01-25T20:24:58.783000",
"db": "NVD",
"id": "CVE-2023-3935"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wibu-Systems\u00a0AG\u00a0 of \u00a0CodeMeter\u00a0Runtime\u00a0 Out-of-bounds write vulnerability in products from multiple vendors such as",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-012536"
}
],
"trust": 0.8
}
}