CVE-2019-10925 - Vulnerability Details - OpenCVE

A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Valid user credentials, but no user interaction are required. Successful exploitation compromises integrity and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Siemens	Simatic Mv420 Simatic Mv420 Firmware Simatic Mv440 Simatic Mv440 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:siemens:simatic_mv420_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_mv420:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:siemens:simatic_mv440_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_mv440:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/108725
https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf
https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02

History

No history.

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2019-06-12T13:47:56

Updated: 2024-08-04T22:40:15.426Z

Reserved: 2019-04-08T00:00:00

Link: CVE-2019-10925

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-06-12T14:29:04.477

Modified: 2024-11-21T04:20:09.977

Link: CVE-2019-10925

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "SIMATIC MV400 family", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All Versions < V7.0.6"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Valid user credentials, but no user interaction are required. Successful exploitation compromises integrity and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-03-15T17:03:29", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens"}, "references": [{"name": "108725", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/108725"}, {"tags": ["x_refsource_MISC"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "productcert@siemens.com", "ID": "CVE-2019-10925", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SIMATIC MV400 family", "version": {"version_data": [{"version_value": "All Versions < V7.0.6"}]}}]}, "vendor_name": "Siemens"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Valid user credentials, but no user interaction are required. Successful exploitation compromises integrity and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-284: Improper Access Control"}]}]}, "references": {"reference_data": [{"name": "108725", "refsource": "BID", "url": "http://www.securityfocus.com/bid/108725"}, {"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"}, {"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T22:40:15.426Z"}, "title": "CVE Program Container", "references": [{"name": "108725", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/108725"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"}]}]}, "cveMetadata": {"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2019-10925", "datePublished": "2019-06-12T13:47:56", "dateReserved": "2019-04-08T00:00:00", "dateUpdated": "2024-08-04T22:40:15.426Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_mv420_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C802EF05-03DD-4BE0-ACDA-8BDA11EA6D25", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_mv420:-:*:*:*:*:*:*:*", "matchCriteriaId": "79B15C1B-2510-434B-A589-5903CA0C00EE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simatic_mv440_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0B53B628-F96C-40B1-A952-659406759472", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simatic_mv440:-:*:*:*:*:*:*:*", "matchCriteriaId": "6408042E-7E06-4AED-9853-29B176EDFE9F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). An authenticated attacker could escalate privileges by sending specially crafted requests to the integrated webserver. The security vulnerability can be exploited by an attacker with network access to the device. Valid user credentials, but no user interaction are required. Successful exploitation compromises integrity and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."}, {"lang": "es", "value": "Una vulnerabilidad ha sido identificada en la familia SIMATIC MV400 family (Todas las versiones anteriores a V7.0.6). Un atacante identificado podr\u00eda escalar sus privilegios mediante el env\u00edo de peticiones especialmente creadas al servidor web integrado. La vulnerabilidad de la seguridad puede ser aprovechada por un atacante con acceso de red al dispositivo. Credenciales de usuario v\u00e1lidas, pero no se requiere la interacci\u00f3n del usuario. La operaci\u00f3n con \u00e9xito compromete la integridad y la disponibilidad del dispositivo. En el momento de la publicaci\u00f3n de asesoramiento, no se conoc\u00eda la explotaci\u00f3n p\u00fablica de esta vulnerabilidad de seguridad"}], "id": "CVE-2019-10925", "lastModified": "2024-11-21T04:20:09.977", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 5.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-06-12T14:29:04.477", "references": [{"source": "productcert@siemens.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/108725"}, {"source": "productcert@siemens.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"}, {"source": "productcert@siemens.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/108725"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-816980.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-162-02"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "productcert@siemens.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Secondary"}]}