CVE-2019-10935

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions), SIMATIC WinCC Professional (TIA Portal V15) (All versions), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions), SIMATIC WinCC Runtime Professional V15 (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). The SIMATIC WinCC DataMonitor web application of the affected products allows to upload arbitrary ASPX code. The security vulnerability could be exploited by an authenticated attacker with network access to the WinCC DataMonitor application. No user interaction is required to exploit this vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the affected device. At the stage of publishing this security advisory no public exploitation is known.

Published : 2019-07-11 22:15 Updated : 2019-07-19 13:34

6.5
CVSS Score More info
Score 6.5 / 10
6.5
Vendor Product Version URI
Siemens Simatic Pcs 7 8.0 cpe:/a:siemens:simatic_pcs_7:8.0
Siemens Simatic Pcs 7 8.1 cpe:/a:siemens:simatic_pcs_7:8.1
Siemens Simatic Pcs 7 8.2 cpe:/a:siemens:simatic_pcs_7:8.2
Siemens Simatic Pcs 7 9.0 cpe:/a:siemens:simatic_pcs_7:9.0
Siemens Simatic Wincc 7.2 cpe:/a:siemens:simatic_wincc:7.2
Siemens Simatic Wincc 7.3 cpe:/a:siemens:simatic_wincc:7.3:-
Siemens Simatic Wincc 7.3 cpe:/a:siemens:simatic_wincc:7.3:update_1
Siemens Simatic Wincc 7.3 cpe:/a:siemens:simatic_wincc:7.3:update_10
Siemens Simatic Wincc 7.3 cpe:/a:siemens:simatic_wincc:7.3:update_11
Siemens Simatic Wincc 7.3 cpe:/a:siemens:simatic_wincc:7.3:update_13
Siemens Simatic Wincc 7.3 cpe:/a:siemens:simatic_wincc:7.3:update_4
Siemens Simatic Wincc 7.4 cpe:/a:siemens:simatic_wincc:7.4:-
Siemens Simatic Wincc 7.4 cpe:/a:siemens:simatic_wincc:7.4:sp1
Siemens Simatic Wincc 7.4 cpe:/a:siemens:simatic_wincc:7.4:update_1
Siemens Simatic Wincc 7.5 cpe:/a:siemens:simatic_wincc:7.5
Siemens Simatic Wincc 13 cpe:/a:siemens:simatic_wincc:13:-:~~professional~~~
Siemens Simatic Wincc 13 cpe:/a:siemens:simatic_wincc:13:sp2:~~professional~~~
Siemens Simatic Wincc 14 cpe:/a:siemens:simatic_wincc:14::~~professional~~~
Siemens Simatic Wincc 14 cpe:/a:siemens:simatic_wincc:14:-:~~professional~~~
Siemens Simatic Wincc 14 cpe:/a:siemens:simatic_wincc:14:sp1:~~professional~~~
Siemens Simatic Wincc 15 cpe:/a:siemens:simatic_wincc:15::~~professional~~~
Siemens Simatic Wincc Runtime 13 cpe:/a:siemens:simatic_wincc_runtime:13::~~professional~~~
Siemens Simatic Wincc Runtime 13 cpe:/a:siemens:simatic_wincc_runtime:13:-:~~professional~~~
Siemens Simatic Wincc Runtime 13 cpe:/a:siemens:simatic_wincc_runtime:13:sp1:~update_2~professional~~~
Siemens Simatic Wincc Runtime 13 cpe:/a:siemens:simatic_wincc_runtime:13:sp1:~update_9~professional~~~
Siemens Simatic Wincc Runtime 13 cpe:/a:siemens:simatic_wincc_runtime:13:sp2:~~professional~~~
Siemens Simatic Wincc Runtime 14 cpe:/a:siemens:simatic_wincc_runtime:14:-:~~professional~~~
Siemens Simatic Wincc Runtime 14 cpe:/a:siemens:simatic_wincc_runtime:14:sp1:~~professional~~~
Siemens Simatic Wincc Runtime 15 cpe:/a:siemens:simatic_wincc_runtime:15:-:~~professional~~~
Siemens Simatic Wincc Runtime 15 cpe:/a:siemens:simatic_wincc_runtime:15:update_4:~~professional~~~
Siemens Simatic Wincc Runtime 15.1 cpe:/a:siemens:simatic_wincc_runtime:15.1:-:~~professional~~~
Siemens Simatic Wincc Runtime 15.1 cpe:/a:siemens:simatic_wincc_runtime:15.1:update_1:~~professional~~~
  1. Siemens (3) Search CVE
    1. Simatic Wincc (7) Search CVE
      1. 7.2
      2. 7.3
      3. 7.4
      4. 7.5
      5. 13
      6. 14
      7. 15
    2. Simatic Wincc Runtime (4) Search CVE
      1. 13
      2. 14
      3. 15
      4. 15.1
    3. Simatic Pcs 7 (4) Search CVE
      1. 8.0
      2. 8.1
      3. 8.2
      4. 9.0

CWE

ID Name Description Links
CWE-434 Unrestricted Upload of File with Dangerous Type The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. CVE

History of changes

Date Event
2019-07-19 13:34
2019-07-12 12:59
2019-07-11 22:15

New CVE