{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"SIMATIC IPC427D, IPC427E (incl. variante SIPLUS)","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC Route Control V8.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE M-800 / S615 versions ant\u00e9rieures \u00e0 V6.1.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC (TIA Portal) V16","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC S7-1200 CPU (incl. variante SIPLUS)","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. variante SIPLUS)","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"OpenPCS 7 V9.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC S7-1500 Software Controller versions ant\u00e9rieures \u00e0 20.8","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ET200MP IM155-5 PN ST (incl. variante SIPLUS) versions ant\u00e9rieures \u00e0 V4.1.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ET200SP IM155-6 PN ST (incl. variante SIPLUS) versions ant\u00e9rieures \u00e0 V4.1.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC Field PG M4, Field PG M5, Field PG M6","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC S7-400 PN/DP CPU V7 (incl. variante SIPLUS)","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIPROTEC 4 et SIPROTEC Compact relays equipped with EN100 Ethernet communication modules","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC Route Control V8.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIPORT MP versions ant\u00e9rieures \u00e0 V3.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X-200IRT switch (incl. variante SIPLUS NET) versions ant\u00e9rieures \u00e0 V5.4.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"OZW672 versions ant\u00e9rieures \u00e0 V10.00","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 1626","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X-200 switch (incl. variante SIPLUS NET) versions ant\u00e9rieures \u00e0 V5.2.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 1543-1 (incl. variante SIPLUS NET) versions ant\u00e9rieures V2.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC NET PC Software","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"RUGGEDCOM RM1224 versions ant\u00e9rieures \u00e0 V6.1.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC V7.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC PCS 7 V8.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X-300 switch (incl. X408 et variante SIPLUS NET) versions ant\u00e9rieures \u00e0 V4.1.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC PCS 7 V9.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE S602, S612, S623, S627-2M, S627-2M","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P versions ant\u00e9rieures \u00e0 V4.6","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC BATCH V8.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC BATCH V9.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC RF182C","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE XR-500 switch versions ant\u00e9rieures \u00e0 V6.2.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC (TIA Portal) V13 versions ant\u00e9rieures \u00e0 V13 SP2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE W700 IEEE 802.11n versions ant\u00e9rieures \u00e0 V6.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMOTION P320-4S","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (incl. variante SIPLUS NET)","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"IE/PB LINK PN IO (incl. variante SIPLUS NET)","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 versions ant\u00e9rieures \u00e0 V4.5 Patch 01","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ET200SP IM155-6 PN HF (incl. variante SIPLUS) versions ant\u00e9rieures \u00e0 V4.2.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC S7-300 PN/DP CPU (incl. les CPUS ET200 associ\u00e9es et variantes SIPLUS)","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC RF180C","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 343-1 Advanced, CP 343-1, CP 343-1 LEAN, CP 443-1 Advanced, CP 443-1 (incl. variante SIPLUS NET)","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE XB-200, XC-200, XP-200, XF-200BA and XR-300WG versions ant\u00e9rieures \u00e0 V4.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC PCS 7 V8.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"TIM 1531 IRC (incl. variante SIPLUS NET) versions ant\u00e9rieures \u00e0 V2.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 343-1 ERPC, CP 443-1 OPC UA","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC MV400","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"OZW772 versions ant\u00e9rieures \u00e0 V10.00","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC IPC Support, Package for VxWorks","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC (TIA Portal) V15.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINAMICS DCP versions ant\u00e9rieures \u00e0 V1.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 1616 et CP 1604 versions ant\u00e9rieures \u00e0 V2.8.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ET200pro, IM 154-3 PN HF et ET200pro, IM 154-4 PN HF","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC (TIA Portal) V14.0.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC IPC127E, IPC427C, IPC477C, IPC477D, IPC477E, IPC477E Pro, IPC527G, IPC547E, IPC547G, IPC627C, IPC627D, IPC627E, IPC647C, IPC647D, IPC647E, IPC677C, IPC677D, IPC677E, IPC827C, IPC827D, IPC827E, IPC847C, IPC847D, IPC847E","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC RF600 versions ant\u00e9rieures \u00e0 V3.2.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ET200AL IM 157-1 PN, ET200ecoPN (except\u00e9 6ES7148-6JD00-0AB0 et 6ES7146-6FF00-0AB0), ET200M IM153-4 PN IO HF (incl. variante SIPLUS), ET200M IM153-4 PN IO ST (incl. variante SIPLUS)","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ET200MP IM155-5 PN HF (incl. variante SIPLUS) versions ant\u00e9rieures \u00e0 V4.2.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC S7-1500 CPU (incl. les CPUS ET200 associ\u00e9es et variantes SIPLUS) versions ant\u00e9rieures \u00e0 2.8","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"OpenPCS 7 V8.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 1628 versions ant\u00e9rieures \u00e0 V14.00.15.00_51.25.00.01","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC V7.5 versions ant\u00e9rieures \u00e0 7.5.1 Upd1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 1623 versions ant\u00e9rieures \u00e0 V14.00.15.00_51.25.00.01","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ITP1000","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC Route Control V9.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ET200S, ET200SP IM155-6 PN Basic (incl. variante SIPLUS)","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"OpenPCS 7 V8.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC S7-400 PN/DP CPU V6 et ant\u00e9rieures (incl. variante SIPLUS)","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC V7.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE XM-400 switch versions ant\u00e9rieures \u00e0 V6.2.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"PROFINET Driver for Controller versions ant\u00e9rieures \u00e0 V2.1 Patch 03","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMOTION P320-4E","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC BATCH V8.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2019-19282","url":"https://www.cve.org/CVERecord?id=CVE-2019-19282"},{"name":"CVE-2019-19277","url":"https://www.cve.org/CVERecord?id=CVE-2019-19277"},{"name":"CVE-2019-13926","url":"https://www.cve.org/CVERecord?id=CVE-2019-13926"},{"name":"CVE-2019-0152","url":"https://www.cve.org/CVERecord?id=CVE-2019-0152"},{"name":"CVE-2019-0169","url":"https://www.cve.org/CVERecord?id=CVE-2019-0169"},{"name":"CVE-2019-19281","url":"https://www.cve.org/CVERecord?id=CVE-2019-19281"},{"name":"CVE-2019-13941","url":"https://www.cve.org/CVERecord?id=CVE-2019-13941"},{"name":"CVE-2015-5621","url":"https://www.cve.org/CVERecord?id=CVE-2015-5621"},{"name":"CVE-2019-18217","url":"https://www.cve.org/CVERecord?id=CVE-2019-18217"},{"name":"CVE-2019-12815","url":"https://www.cve.org/CVERecord?id=CVE-2019-12815"},{"name":"CVE-2019-13940","url":"https://www.cve.org/CVERecord?id=CVE-2019-13940"},{"name":"CVE-2019-19279","url":"https://www.cve.org/CVERecord?id=CVE-2019-19279"},{"name":"CVE-2019-13925","url":"https://www.cve.org/CVERecord?id=CVE-2019-13925"},{"name":"CVE-2019-0151","url":"https://www.cve.org/CVERecord?id=CVE-2019-0151"},{"name":"CVE-2019-13946","url":"https://www.cve.org/CVERecord?id=CVE-2019-13946"},{"name":"CVE-2019-6585","url":"https://www.cve.org/CVERecord?id=CVE-2019-6585"},{"name":"CVE-2020-19282","url":"https://www.cve.org/CVERecord?id=CVE-2020-19282"},{"name":"CVE-2019-13924","url":"https://www.cve.org/CVERecord?id=CVE-2019-13924"},{"name":"CVE-2018-18065","url":"https://www.cve.org/CVERecord?id=CVE-2018-18065"}],"links":[],"reference":"CERTFR-2020-AVI-090","revisions":[{"description":"Version initiale","revision_date":"2020-02-13T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens . Certaines d'entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-398519 du 11 f\u00e9vrier 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-398519.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-940889 du 11 f\u00e9vrier 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-940889.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-974843 du 11 f\u00e9vrier 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-974843.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-270778 du 11 f\u00e9vrier 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-780073 du 11 f\u00e9vrier 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-780073.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-986695 du 11 f\u00e9vrier 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-986695.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-750824 du 11 f\u00e9vrier 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-750824.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-951513 du 11 f\u00e9vrier 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-951513.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-431678 du 11 f\u00e9vrier 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-431678.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-591405 du 11 f\u00e9vrier 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-591405.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-978558 du 11 f\u00e9vrier 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-978558.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-978220 du 11 f\u00e9vrier 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-978220.pdf"}]}