Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-45793 (GCVE-0-2023-45793)
Vulnerability from cvelistv5 – Published: 2024-03-12 10:21 – Updated: 2024-08-02 20:29- CWE-863 - Incorrect Authorization
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Siveillance Control |
Affected:
V2.8 , < V3.1.1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-45793",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T16:19:54.563034Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:19:54.053Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:29:32.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-145196.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Siveillance Control",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1.1",
"status": "affected",
"version": "V2.8",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Siveillance Control (All versions \u003e= V2.8 \u003c V3.1.1). The affected product does not properly check the list of access groups that are assigned to an individual user. This could enable a locally logged on user to gain write privileges for objects where they only have read privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-12T10:21:46.998Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-145196.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-45793",
"datePublished": "2024-03-12T10:21:46.998Z",
"dateReserved": "2023-10-12T17:15:59.195Z",
"dateUpdated": "2024-08-02T20:29:32.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CNVD-2024-13801
Vulnerability from cnvd - Published: 2024-03-13用户可参考如下供应商提供的安全公告获得补丁信息: https://cert-portal.siemens.com/productcert/html/ssa-145196.html
| Name | Siemens Siveillance Control >=V2.8,<V3.1.1 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2023-45793"
}
},
"description": "Siemens Siveillance Control\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u96c6\u6210\u4e86\u89c6\u9891\u76d1\u63a7\u3001\u95e8\u7981\u3001\u5165\u4fb5\u68c0\u6d4b\u7b49\u529f\u80fd\u7684\u5b89\u5168\u7ba1\u7406\u5e73\u53f0\uff0c\u65e8\u5728\u5e2e\u52a9\u7ec4\u7ec7\u5b9e\u73b0\u5bf9\u5efa\u7b51\u7269\u3001\u8bbe\u65bd\u548c\u4eba\u5458\u7684\u5168\u9762\u76d1\u63a7\u548c\u7ba1\u7406\u3002\n\nSiemens Siveillance Control\u5b58\u5728\u6388\u6743\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u53d7\u5f71\u54cd\u7684\u4ea7\u54c1\u672a\u80fd\u6b63\u786e\u68c0\u67e5\u5206\u914d\u7ed9\u5355\u4e2a\u7528\u6237\u7684\u8bbf\u95ee\u7ec4\u5217\u8868\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u5f97\u53ea\u5177\u6709\u8bfb\u53d6\u6743\u9650\u5bf9\u8c61\u7684\u5199\u5165\u6743\u9650\u3002",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://cert-portal.siemens.com/productcert/html/ssa-145196.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2024-13801",
"openTime": "2024-03-13",
"patchDescription": "Siemens Siveillance Control\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u96c6\u6210\u4e86\u89c6\u9891\u76d1\u63a7\u3001\u95e8\u7981\u3001\u5165\u4fb5\u68c0\u6d4b\u7b49\u529f\u80fd\u7684\u5b89\u5168\u7ba1\u7406\u5e73\u53f0\uff0c\u65e8\u5728\u5e2e\u52a9\u7ec4\u7ec7\u5b9e\u73b0\u5bf9\u5efa\u7b51\u7269\u3001\u8bbe\u65bd\u548c\u4eba\u5458\u7684\u5168\u9762\u76d1\u63a7\u548c\u7ba1\u7406\u3002\r\n\r\nSiemens Siveillance Control\u5b58\u5728\u6388\u6743\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u53d7\u5f71\u54cd\u7684\u4ea7\u54c1\u672a\u80fd\u6b63\u786e\u68c0\u67e5\u5206\u914d\u7ed9\u5355\u4e2a\u7528\u6237\u7684\u8bbf\u95ee\u7ec4\u5217\u8868\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u5f97\u53ea\u5177\u6709\u8bfb\u53d6\u6743\u9650\u5bf9\u8c61\u7684\u5199\u5165\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Siemens Siveillance Control\u6388\u6743\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Siemens Siveillance Control \u003e=V2.8\uff0c\u003cV3.1.1"
},
"referenceLink": "https://cert-portal.siemens.com/productcert/html/ssa-145196.html",
"serverity": "\u4e2d",
"submitTime": "2024-03-13",
"title": "Siemens Siveillance Control\u6388\u6743\u7ed5\u8fc7\u6f0f\u6d1e"
}
GSD-2023-45793
Vulnerability from gsd - Updated: 2023-12-13 01:20{
"GSD": {
"alias": "CVE-2023-45793",
"id": "GSD-2023-45793"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-45793"
],
"details": "A vulnerability has been identified in Siveillance Control (All versions \u003e= V2.8 \u003c V3.1.1). The affected product does not properly check the list of access groups that are assigned to an individual user. This could enable a locally logged on user to gain write privileges for objects where they only have read privileges.",
"id": "GSD-2023-45793",
"modified": "2023-12-13T01:20:38.198956Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2023-45793",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Siveillance Control",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V2.8",
"version_value": "V3.1.1"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Siveillance Control (All versions \u003e= V2.8 \u003c V3.1.1). The affected product does not properly check the list of access groups that are assigned to an individual user. This could enable a locally logged on user to gain write privileges for objects where they only have read privileges."
}
]
},
"impact": {
"cvss": [
{
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-863",
"lang": "eng",
"value": "CWE-863: Incorrect Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/html/ssa-145196.html",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-145196.html"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Siveillance Control (All versions \u003e= V2.8 \u003c V3.1.1). The affected product does not properly check the list of access groups that are assigned to an individual user. This could enable a locally logged on user to gain write privileges for objects where they only have read privileges."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en Siveillance Control (Todas las versiones \u0026gt;= V2.8 \u0026lt; V3.1.1). El producto afectado no comprueba correctamente la lista de grupos de acceso asignados a un usuario individual. Esto podr\u00eda permitir que un usuario que haya iniciado sesi\u00f3n localmente obtenga privilegios de escritura para objetos donde solo tiene privilegios de lectura."
}
],
"id": "CVE-2023-45793",
"lastModified": "2024-03-12T12:40:13.500",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2024-03-12T11:15:47.503",
"references": [
{
"source": "productcert@siemens.com",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-145196.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
}
]
}
}
}
}
FKIE_CVE-2023-45793
Vulnerability from fkie_nvd - Published: 2024-03-12 11:15 - Updated: 2026-06-17 06:29| Vendor | Product | Version | |
|---|---|---|---|
| siemens | siveillance_control | * |
{
"affected": [
{
"affectedData": [
{
"defaultStatus": "unknown",
"product": "Siveillance Control",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.1.1",
"status": "affected",
"version": "V2.8",
"versionType": "custom"
}
]
}
],
"source": "productcert@siemens.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:siveillance_control:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AEF2B87-7B01-4277-89EF-B9074005E0C9",
"versionEndExcluding": "3.1.1",
"versionStartIncluding": "2.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Siveillance Control (All versions \u003e= V2.8 \u003c V3.1.1). The affected product does not properly check the list of access groups that are assigned to an individual user. This could enable a locally logged on user to gain write privileges for objects where they only have read privileges."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en Siveillance Control (Todas las versiones \u0026gt;= V2.8 \u0026lt; V3.1.1). El producto afectado no comprueba correctamente la lista de grupos de acceso asignados a un usuario individual. Esto podr\u00eda permitir que un usuario que haya iniciado sesi\u00f3n localmente obtenga privilegios de escritura para objetos donde solo tiene privilegios de lectura."
}
],
"id": "CVE-2023-45793",
"lastModified": "2026-06-17T06:29:32.153",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "productcert@siemens.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2023-45793",
"options": [
{
"exploitation": "none"
},
{
"automatable": "no"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T16:19:54.563034Z",
"version": "2.0.3"
}
}
]
},
"published": "2024-03-12T11:15:47.503",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-145196.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-145196.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
}
GHSA-4QPH-WHWP-XM7R
Vulnerability from github – Published: 2024-03-12 12:30 – Updated: 2024-03-12 12:30A vulnerability has been identified in Siveillance Control (All versions >= V2.8 < V3.1.1). The affected product does not properly check the list of access groups that are assigned to an individual user. This could enable a locally logged on user to gain write privileges for objects where they only have read privileges.
{
"affected": [],
"aliases": [
"CVE-2023-45793"
],
"database_specific": {
"cwe_ids": [
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-03-12T11:15:47Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been identified in Siveillance Control (All versions \u003e= V2.8 \u003c V3.1.1). The affected product does not properly check the list of access groups that are assigned to an individual user. This could enable a locally logged on user to gain write privileges for objects where they only have read privileges.",
"id": "GHSA-4qph-whwp-xm7r",
"modified": "2024-03-12T12:30:48Z",
"published": "2024-03-12T12:30:48Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45793"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-145196.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
CERTFR-2024-AVI-0203
Vulnerability from certfr_avis - Published: 2024-03-12 - Updated: 2024-03-12
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
None| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | Cerberus PRO EN Engineering Tool versions antérieures à IP8 | ||
| Siemens | N/A | SENTRON 7KM PAC3220 AC/DC (7KM3220-0BA01-1DA0) versions supérieures ou égales à V3.2.3 versions antérieures à V3.3.0 | ||
| Siemens | N/A | SENTRON 7KM PAC3120 DC (7KM3120-1BA01-1EA0) versions supérieures ou égales à V3.2.3 versions antérieures à V3.3.0 | ||
| Siemens | N/A | Sinteso FS20 EN Fire Panel FC20 versions antérieures à MP8 | ||
| Siemens | N/A | RUGGEDCOM APE1808 avec Fortinet NGFW versions antérieures à V7.4.1 | ||
| Siemens | N/A | Sinteso FS20 EN X200 Cloud Distribution versions V4.0.x antérieures à V4.0.5016 | ||
| Siemens | N/A | Cerberus PRO EN X200 Cloud Distribution versions V4.0.x antérieures à V4.0.5016 | ||
| Siemens | N/A | SENTRON 3KC ATC6 Expansion Module Ethernet toutes versions | ||
| Siemens | N/A | Sinteso FS20 EN Engineering Tool versions antérieures à MP8 | ||
| Siemens | N/A | SIMATIC RF160B (6GT2003-0FA00) versions antérieures à V2.2 | ||
| Siemens | N/A | SINEMA Remote Connect Server versions antérieures à V3.2 | ||
| Siemens | N/A | Solid Edge versions antérieures à V223.0.11 | ||
| Siemens | N/A | Siveillance Control versions supérieures ou égales à V2.8 versions antérieures à V3.1.1 | ||
| Siemens | N/A | Cerberus PRO EN X300 Cloud Distribution versions V4.3.x antérieures à V4.3.5617 | ||
| Siemens | N/A | Cerberus PRO EN Fire Panel FC72x versions antérieures à IP8 | ||
| Siemens | N/A | SENTRON 7KM PAC3220 DC (7KM3220-1BA01-1EA0) versions supérieures ou égales à V3.2.3 versions antérieures à V3.3.0 | ||
| Siemens | N/A | Sinteso FS20 EN X300 Cloud Distribution versions V4.2.x antérieures à V4.2.5015 | ||
| Siemens | N/A | SINEMA Remote Connect Client versions antérieures à V3.1 SP1 | ||
| Siemens | N/A | SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0) versions supérieures ou égales à V3.2.3 versions antérieures à V3.3.0 | ||
| Siemens | N/A | Cerberus PRO EN X300 Cloud Distribution versions V4.2.x antérieures à V4.2.5015 | ||
| Siemens | N/A | Sinteso FS20 EN X200 Cloud Distribution versions V4.3.x antérieures à V4.3.5618 | ||
| Siemens | N/A | Cerberus PRO EN X200 Cloud Distribution versions V4.3.x antérieures à V4.3.5618 | ||
| Siemens | N/A | Sinteso FS20 EN X300 Cloud Distribution versions V4.3.x antérieures à V4.3.5617 | ||
| Siemens | N/A | Sinteso Mobile versions antérieures à V3.0.0 |
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cerberus PRO EN Engineering Tool versions ant\u00e9rieures \u00e0 IP8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SENTRON 7KM PAC3220 AC/DC (7KM3220-0BA01-1DA0) versions sup\u00e9rieures ou \u00e9gales \u00e0 V3.2.3 versions ant\u00e9rieures \u00e0 V3.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SENTRON 7KM PAC3120 DC (7KM3120-1BA01-1EA0) versions sup\u00e9rieures ou \u00e9gales \u00e0 V3.2.3 versions ant\u00e9rieures \u00e0 V3.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Sinteso FS20 EN Fire Panel FC20 versions ant\u00e9rieures \u00e0 MP8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM APE1808 avec Fortinet NGFW versions ant\u00e9rieures \u00e0 V7.4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Sinteso FS20 EN X200 Cloud Distribution versions V4.0.x ant\u00e9rieures \u00e0 V4.0.5016",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Cerberus PRO EN X200 Cloud Distribution versions V4.0.x ant\u00e9rieures \u00e0 V4.0.5016",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SENTRON 3KC ATC6 Expansion Module Ethernet toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Sinteso FS20 EN Engineering Tool versions ant\u00e9rieures \u00e0 MP8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF160B (6GT2003-0FA00) versions ant\u00e9rieures \u00e0 V2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEMA Remote Connect Server versions ant\u00e9rieures \u00e0 V3.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Solid Edge versions ant\u00e9rieures \u00e0 V223.0.11",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Siveillance Control versions sup\u00e9rieures ou \u00e9gales \u00e0 V2.8 versions ant\u00e9rieures \u00e0 V3.1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Cerberus PRO EN X300 Cloud Distribution versions V4.3.x ant\u00e9rieures \u00e0 V4.3.5617",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Cerberus PRO EN Fire Panel FC72x versions ant\u00e9rieures \u00e0 IP8",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SENTRON 7KM PAC3220 DC (7KM3220-1BA01-1EA0) versions sup\u00e9rieures ou \u00e9gales \u00e0 V3.2.3 versions ant\u00e9rieures \u00e0 V3.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Sinteso FS20 EN X300 Cloud Distribution versions V4.2.x ant\u00e9rieures \u00e0 V4.2.5015",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEMA Remote Connect Client versions ant\u00e9rieures \u00e0 V3.1 SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0) versions sup\u00e9rieures ou \u00e9gales \u00e0 V3.2.3 versions ant\u00e9rieures \u00e0 V3.3.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Cerberus PRO EN X300 Cloud Distribution versions V4.2.x ant\u00e9rieures \u00e0 V4.2.5015",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Sinteso FS20 EN X200 Cloud Distribution versions V4.3.x ant\u00e9rieures \u00e0 V4.3.5618",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Cerberus PRO EN X200 Cloud Distribution versions V4.3.x ant\u00e9rieures \u00e0 V4.3.5618",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Sinteso FS20 EN X300 Cloud Distribution versions V4.3.x ant\u00e9rieures \u00e0 V4.3.5617",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Sinteso Mobile versions ant\u00e9rieures \u00e0 V3.0.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-0646",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0646"
},
{
"name": "CVE-2017-18509",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18509"
},
{
"name": "CVE-2021-0599",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0599"
},
{
"name": "CVE-2021-0443",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0443"
},
{
"name": "CVE-2022-20462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20462"
},
{
"name": "CVE-2021-0598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0598"
},
{
"name": "CVE-2021-0438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0438"
},
{
"name": "CVE-2021-0651",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0651"
},
{
"name": "CVE-2021-0585",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0585"
},
{
"name": "CVE-2021-0331",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0331"
},
{
"name": "CVE-2021-0509",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0509"
},
{
"name": "CVE-2021-0601",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0601"
},
{
"name": "CVE-2021-0478",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0478"
},
{
"name": "CVE-2021-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0397"
},
{
"name": "CVE-2021-0600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0600"
},
{
"name": "CVE-2021-0928",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0928"
},
{
"name": "CVE-2021-0484",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0484"
},
{
"name": "CVE-2023-36641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36641"
},
{
"name": "CVE-2021-0642",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0642"
},
{
"name": "CVE-2021-0341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0341"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2022-41329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41329"
},
{
"name": "CVE-2021-0597",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0597"
},
{
"name": "CVE-2020-24587",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24587"
},
{
"name": "CVE-2017-14491",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14491"
},
{
"name": "CVE-2022-20421",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20421"
},
{
"name": "CVE-2021-0593",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0593"
},
{
"name": "CVE-2022-20498",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20498"
},
{
"name": "CVE-2021-0473",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0473"
},
{
"name": "CVE-2022-41328",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41328"
},
{
"name": "CVE-2022-42474",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42474"
},
{
"name": "CVE-2021-0870",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0870"
},
{
"name": "CVE-2020-0417",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0417"
},
{
"name": "CVE-2020-29660",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29660"
},
{
"name": "CVE-2021-0604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0604"
},
{
"name": "CVE-2021-0522",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0522"
},
{
"name": "CVE-2021-39629",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39629"
},
{
"name": "CVE-2020-29661",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29661"
},
{
"name": "CVE-2021-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38204"
},
{
"name": "CVE-2022-20229",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20229"
},
{
"name": "CVE-2023-33306",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33306"
},
{
"name": "CVE-2022-39948",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39948"
},
{
"name": "CVE-2022-20423",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20423"
},
{
"name": "CVE-2021-0396",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0396"
},
{
"name": "CVE-2021-0650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0650"
},
{
"name": "CVE-2021-0329",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0329"
},
{
"name": "CVE-2023-41675",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41675"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-27997",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27997"
},
{
"name": "CVE-2023-29183",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29183"
},
{
"name": "CVE-2021-0471",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0471"
},
{
"name": "CVE-2023-29181",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29181"
},
{
"name": "CVE-2021-0963",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0963"
},
{
"name": "CVE-2021-0327",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0327"
},
{
"name": "CVE-2021-0653",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0653"
},
{
"name": "CVE-2021-0690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0690"
},
{
"name": "CVE-2021-39634",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39634"
},
{
"name": "CVE-2021-0596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0596"
},
{
"name": "CVE-2023-47537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47537"
},
{
"name": "CVE-2023-28002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28002"
},
{
"name": "CVE-2023-22641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22641"
},
{
"name": "CVE-2021-0919",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0919"
},
{
"name": "CVE-2021-0968",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0968"
},
{
"name": "CVE-2022-20500",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20500"
},
{
"name": "CVE-2021-29647",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29647"
},
{
"name": "CVE-2021-0521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0521"
},
{
"name": "CVE-2020-11301",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11301"
},
{
"name": "CVE-2021-0953",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0953"
},
{
"name": "CVE-2021-0926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0926"
},
{
"name": "CVE-2021-0961",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0961"
},
{
"name": "CVE-2023-26207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26207"
},
{
"name": "CVE-2020-23064",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-23064"
},
{
"name": "CVE-2021-0652",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0652"
},
{
"name": "CVE-2021-0339",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0339"
},
{
"name": "CVE-2021-39627",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39627"
},
{
"name": "CVE-2021-0437",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0437"
},
{
"name": "CVE-2023-29179",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29179"
},
{
"name": "CVE-2021-0433",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0433"
},
{
"name": "CVE-2024-22041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22041"
},
{
"name": "CVE-2023-33305",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33305"
},
{
"name": "CVE-2022-20473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20473"
},
{
"name": "CVE-2022-43947",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43947"
},
{
"name": "CVE-2023-41841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41841"
},
{
"name": "CVE-2021-0333",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0333"
},
{
"name": "CVE-2022-20483",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20483"
},
{
"name": "CVE-2020-25705",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25705"
},
{
"name": "CVE-2024-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22045"
},
{
"name": "CVE-2022-42476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42476"
},
{
"name": "CVE-2023-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49125"
},
{
"name": "CVE-2021-0399",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0399"
},
{
"name": "CVE-2023-33301",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33301"
},
{
"name": "CVE-2021-0476",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0476"
},
{
"name": "CVE-2021-0507",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0507"
},
{
"name": "CVE-2021-0390",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0390"
},
{
"name": "CVE-2021-0444",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0444"
},
{
"name": "CVE-2021-0520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0520"
},
{
"name": "CVE-2021-0586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0586"
},
{
"name": "CVE-2021-39633",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39633"
},
{
"name": "CVE-2021-0587",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0587"
},
{
"name": "CVE-2021-0952",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0952"
},
{
"name": "CVE-2022-20476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20476"
},
{
"name": "CVE-2020-10768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10768"
},
{
"name": "CVE-2022-20472",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20472"
},
{
"name": "CVE-2021-0326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0326"
},
{
"name": "CVE-2021-0929",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0929"
},
{
"name": "CVE-2022-20227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20227"
},
{
"name": "CVE-2021-0336",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0336"
},
{
"name": "CVE-2023-44250",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44250"
},
{
"name": "CVE-2021-0506",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0506"
},
{
"name": "CVE-2021-0515",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0515"
},
{
"name": "CVE-2022-20355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20355"
},
{
"name": "CVE-2021-0330",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0330"
},
{
"name": "CVE-2021-0688",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0688"
},
{
"name": "CVE-2021-0393",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0393"
},
{
"name": "CVE-2024-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21762"
},
{
"name": "CVE-2021-0512",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0512"
},
{
"name": "CVE-2023-29178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29178"
},
{
"name": "CVE-2022-20130",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20130"
},
{
"name": "CVE-2021-0519",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0519"
},
{
"name": "CVE-2021-0516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0516"
},
{
"name": "CVE-2021-39621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39621"
},
{
"name": "CVE-2021-33909",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33909"
},
{
"name": "CVE-2022-42469",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42469"
},
{
"name": "CVE-2021-1972",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1972"
},
{
"name": "CVE-2021-1976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-1976"
},
{
"name": "CVE-2022-41327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41327"
},
{
"name": "CVE-2021-0640",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0640"
},
{
"name": "CVE-2020-14305",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14305"
},
{
"name": "CVE-2023-36555",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36555"
},
{
"name": "CVE-2022-20422",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20422"
},
{
"name": "CVE-2022-20468",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20468"
},
{
"name": "CVE-2023-22640",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22640"
},
{
"name": "CVE-2021-0400",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0400"
},
{
"name": "CVE-2022-20469",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20469"
},
{
"name": "CVE-2020-26558",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26558"
},
{
"name": "CVE-2021-0706",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0706"
},
{
"name": "CVE-2021-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0682"
},
{
"name": "CVE-2021-0480",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0480"
},
{
"name": "CVE-2021-0429",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0429"
},
{
"name": "CVE-2023-22639",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22639"
},
{
"name": "CVE-2021-0683",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0683"
},
{
"name": "CVE-2022-20411",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20411"
},
{
"name": "CVE-2022-43953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43953"
},
{
"name": "CVE-2023-33307",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33307"
},
{
"name": "CVE-2021-0328",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0328"
},
{
"name": "CVE-2021-0684",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0684"
},
{
"name": "CVE-2022-20466",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20466"
},
{
"name": "CVE-2023-40718",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40718"
},
{
"name": "CVE-2021-0920",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0920"
},
{
"name": "CVE-2021-0704",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0704"
},
{
"name": "CVE-2022-20127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20127"
},
{
"name": "CVE-2021-0436",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0436"
},
{
"name": "CVE-2021-0584",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0584"
},
{
"name": "CVE-2022-45861",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45861"
},
{
"name": "CVE-2021-0594",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0594"
},
{
"name": "CVE-2021-0591",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0591"
},
{
"name": "CVE-2021-0514",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0514"
},
{
"name": "CVE-2021-0511",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0511"
},
{
"name": "CVE-2021-0931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0931"
},
{
"name": "CVE-2024-21483",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21483"
},
{
"name": "CVE-2020-15436",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15436"
},
{
"name": "CVE-2023-45793",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45793"
},
{
"name": "CVE-2021-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0689"
},
{
"name": "CVE-2023-28001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28001"
},
{
"name": "CVE-2021-0970",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0970"
},
{
"name": "CVE-2021-0337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0337"
},
{
"name": "CVE-2022-32257",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32257"
},
{
"name": "CVE-2023-36639",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36639"
},
{
"name": "CVE-2021-39623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39623"
},
{
"name": "CVE-2022-41330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41330"
},
{
"name": "CVE-2021-0508",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0508"
},
{
"name": "CVE-2021-0325",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0325"
},
{
"name": "CVE-2021-0708",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0708"
},
{
"name": "CVE-2022-41334",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41334"
},
{
"name": "CVE-2024-23113",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23113"
},
{
"name": "CVE-2020-0338",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0338"
},
{
"name": "CVE-2020-26555",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26555"
},
{
"name": "CVE-2021-0302",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0302"
},
{
"name": "CVE-2021-0589",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0589"
},
{
"name": "CVE-2021-0305",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0305"
},
{
"name": "CVE-2023-33308",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33308"
},
{
"name": "CVE-2023-29175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29175"
},
{
"name": "CVE-2021-0431",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0431"
},
{
"name": "CVE-2021-0392",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0392"
},
{
"name": "CVE-2021-0474",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0474"
},
{
"name": "CVE-2021-0930",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0930"
},
{
"name": "CVE-2021-39626",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39626"
},
{
"name": "CVE-2021-0967",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0967"
},
{
"name": "CVE-2023-25610",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25610"
},
{
"name": "CVE-2023-37935",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37935"
},
{
"name": "CVE-2021-0695",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0695"
},
{
"name": "CVE-2024-22040",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22040"
},
{
"name": "CVE-2021-0965",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0965"
},
{
"name": "CVE-2021-0513",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0513"
},
{
"name": "CVE-2021-0434",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0434"
},
{
"name": "CVE-2021-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0687"
},
{
"name": "CVE-2021-0481",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0481"
},
{
"name": "CVE-2021-0964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0964"
},
{
"name": "CVE-2021-0641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0641"
},
{
"name": "CVE-2021-0435",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0435"
},
{
"name": "CVE-2021-0334",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0334"
},
{
"name": "CVE-2021-0933",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0933"
},
{
"name": "CVE-2021-0394",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0394"
},
{
"name": "CVE-2023-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29180"
},
{
"name": "CVE-2021-0588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0588"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2024-22039",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22039"
},
{
"name": "CVE-2021-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0391"
},
{
"name": "CVE-2021-0510",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0510"
},
{
"name": "CVE-2021-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0692"
},
{
"name": "CVE-2024-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22044"
},
{
"name": "CVE-2020-14381",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14381"
}
],
"initial_release_date": "2024-03-12T00:00:00",
"last_revision_date": "2024-03-12T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0203",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-03-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Siemens\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0\ndistance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-792319 du 12 mars 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-792319.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-918992 du 12 mars 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-918992.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-353002 du 12 mars 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-353002.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-653855 du 12 mars 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-653855.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-225840 du 12 mars 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-225840.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-145196 du 12 mars 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-145196.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-382651 du 12 mars 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-382651.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-832273 du 12 mars 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-832273.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-366067 du 12 mars 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-366067.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-770721 du 12 mars 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-576771 du 12 mars 2024",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-576771.html"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.