{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"SIMATIC HMI Comfort Outdoor Panels 7\" & 15\" versions ant\u00e9rieures \u00e0 V15.1 Update 1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC HMI Comfort Panels 4\" - 22\" versions ant\u00e9rieures \u00e0 V15.1 Update 1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC (TIA Portal) versions ant\u00e9rieures \u00e0 V15.1 Update 1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SISHIP IPMS","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC PCS 7","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"LOGO! Soft Comfort","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"LOGO!8 BM","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC HMI KTP Mobile Panels KTP400F,KTP700, KTP700F, KTP900 et KTP900F versions ant\u00e9rieures \u00e0 V15.1 Update 1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC V7.5 versions ant\u00e9rieures \u00e0 V7.5 Upd3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC HMI Classic Devices (TP/MP/OP/MPMobile Panel)","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINAMICS PERFECT HARMONY GH180","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SISHIP IMAC","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SISHIP EMCS","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC Runtime Advanced versions ant\u00e9rieures \u00e0 V15.1 Update 1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE W1750D versions ant\u00e9rieures \u00e0 V8.4.0.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC Runtime Professional versions ant\u00e9rieures \u00e0 V15.1 Update 1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2018-7083","url":"https://www.cve.org/CVERecord?id=CVE-2018-7083"},{"name":"CVE-2019-10919","url":"https://www.cve.org/CVERecord?id=CVE-2019-10919"},{"name":"CVE-2019-10920","url":"https://www.cve.org/CVERecord?id=CVE-2019-10920"},{"name":"CVE-2019-6572","url":"https://www.cve.org/CVERecord?id=CVE-2019-6572"},{"name":"CVE-2018-16417","url":"https://www.cve.org/CVERecord?id=CVE-2018-16417"},{"name":"CVE-2018-3991","url":"https://www.cve.org/CVERecord?id=CVE-2018-3991"},{"name":"CVE-2019-10916","url":"https://www.cve.org/CVERecord?id=CVE-2019-10916"},{"name":"CVE-2018-3990","url":"https://www.cve.org/CVERecord?id=CVE-2018-3990"},{"name":"CVE-2018-3989","url":"https://www.cve.org/CVERecord?id=CVE-2018-3989"},{"name":"CVE-2019-10922","url":"https://www.cve.org/CVERecord?id=CVE-2019-10922"},{"name":"CVE-2019-10921","url":"https://www.cve.org/CVERecord?id=CVE-2019-10921"},{"name":"CVE-2019-10924","url":"https://www.cve.org/CVERecord?id=CVE-2019-10924"},{"name":"CVE-2019-10918","url":"https://www.cve.org/CVERecord?id=CVE-2019-10918"},{"name":"CVE-2019-10917","url":"https://www.cve.org/CVERecord?id=CVE-2019-10917"},{"name":"CVE-2018-7064","url":"https://www.cve.org/CVERecord?id=CVE-2018-7064"},{"name":"CVE-2019-6578","url":"https://www.cve.org/CVERecord?id=CVE-2019-6578"},{"name":"CVE-2018-7084","url":"https://www.cve.org/CVERecord?id=CVE-2018-7084"},{"name":"CVE-2019-6576","url":"https://www.cve.org/CVERecord?id=CVE-2019-6576"},{"name":"CVE-2019-6577","url":"https://www.cve.org/CVERecord?id=CVE-2019-6577"},{"name":"CVE-2019-6574","url":"https://www.cve.org/CVERecord?id=CVE-2019-6574"},{"name":"CVE-2018-7082","url":"https://www.cve.org/CVERecord?id=CVE-2018-7082"}],"links":[],"reference":"CERTFR-2019-AVI-207","revisions":[{"description":"Version initiale","revision_date":"2019-05-14T00:00:00.000000"},{"description":"Ajout de SCADA dans le titre.","revision_date":"2019-05-15T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-705517 du 14 mai 2019","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-865156 du 14 mai 2019","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-865156.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-902727 du 14 mai 2019","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-902727.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-606525 du 14 mai 2019","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-606525.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-549547 du 14 mai 2019","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-697412 du 14 mai 2019","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-804486 du 14 mai 2019","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-102144 du 14 mai 2019","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-102144.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-542701 du 14 mai 2019","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf"}]}