{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"SIMATIC S7-1500 Software Controller versions ant\u00e9rieures \u00e0 V20.8","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"TIM 3V-IE versions ant\u00e9rieures \u00e0 V2.8","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X-200","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIDOOR ATE531S","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ET200SP IM155-6 PN/2 HF","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Climatix POL908","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 1242-7 versions ant\u00e9rieures \u00e0 V3.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC S7-1500 CPU family versions ant\u00e9rieures \u00e0 V2.8","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIDOOR ATE530S COATED","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"TIM 4R-IE versions ant\u00e9rieures \u00e0 V2.8","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 443-1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"INEMA Remote Connect Server versions ant\u00e9rieures \u00e0 V2.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"TALON TC Series (BACnet) versions ant\u00e9rieures ou \u00e9gales \u00e0 V3.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ET200MP IM155-5 PN HF","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"APOGEE PXC Series (P2) versions ant\u00e9rieures ou \u00e9gales \u00e0 V2.8.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"IE/PB-Link V3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC S7-400 PN/DP V7","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 1543SP-1 versions ant\u00e9rieures \u00e0 V2.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 1542SP-1 IRC versions ant\u00e9rieures \u00e0 V2.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Desigo PXM20 (Power PC) versions ant\u00e9rieures ou \u00e9gales \u00e0 V2.3x","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 1542SP-1 versions ant\u00e9rieures \u00e0 V2.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC MICRO-DRIVE PDC","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X-200IRT","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINAMICS S/G Control Unit w. PROFINET","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC S7-300 CPU","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 1243-1 versions ant\u00e9rieures \u00e0 V3.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE SC-600 versions ant\u00e9rieures \u00e0 V2.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC RF182C","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC RF186CI","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ET200SP IM155-6 PN HA","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 1243-8 IRC versions ant\u00e9rieures \u00e0 V3.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Desigo PXC (Power PC) versions ant\u00e9rieures ou \u00e9gales \u00e0 V2.3x","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC RF186C","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinAC RTX (F) 2010","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X-300","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"TIM 4R-IE DNP3 versions ant\u00e9rieures \u00e0 V3.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC TDC CPU555","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ET 200SP Open Controller CPU1515SP PC2 versions ant\u00e9rieures \u00e0 V20.8","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIDOOR ATD430W","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"TIM 3V-IE Advanced versions ant\u00e9rieures \u00e0 V2.8","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC RF180C","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 1543-1 versions ant\u00e9rieures \u00e0 V2.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ET 200SP Open Controller CPU1515SP PC versions ant\u00e9rieures \u00e0 V2.1.7","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE M-800 versions ant\u00e9rieures \u00e0 V6.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"APOGEE MEC/MBC/PXC (P2) versions ant\u00e9rieures \u00e0 V2.8.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE S615 versions ant\u00e9rieures \u00e0 V6.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC PN/PN Coupler","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC RF185C","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC RF188CI","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE W700 IEEE 802.11a/b/g/n versions ant\u00e9rieures \u00e0 V6.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"RUGGEDCOM RM1224 versions ant\u00e9rieures \u00e0 V6.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 1243-7 LTE EU versions ant\u00e9rieures \u00e0 V3.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC S7-410 CPU","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMOTICS CONNECT 400 versions ant\u00e9rieures \u00e0 V0.3.0.330","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC TDC CP51M1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"KTK ATE530S","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE W1700 IEEE 802.11ac versions ant\u00e9rieures \u00e0 V2.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"RUGGEDCOM ROX II versions ant\u00e9rieures \u00e0 V2.13.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"TIM 3V-IE DNP3 versions ant\u00e9rieures \u00e0 V3.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"APOGEE PXC versions ant\u00e9rieures ou \u00e9gales \u00e0 V3.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 443-1 Advanced","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ET200SP IM155-6 PN HF","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Climatix POL909","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CP 1243-7 LTE US versions ant\u00e9rieures \u00e0 V3.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ET200SP IM155-6 PN/3 HF","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ET200SP IM155-6 MF HF","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC RF188C","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2018-5391","url":"https://www.cve.org/CVERecord?id=CVE-2018-5391"},{"name":"CVE-2020-7575","url":"https://www.cve.org/CVERecord?id=CVE-2020-7575"},{"name":"CVE-2020-7574","url":"https://www.cve.org/CVERecord?id=CVE-2020-7574"},{"name":"CVE-2019-13939","url":"https://www.cve.org/CVERecord?id=CVE-2019-13939"},{"name":"CVE-2018-5390","url":"https://www.cve.org/CVERecord?id=CVE-2018-5390"},{"name":"CVE-2019-10939","url":"https://www.cve.org/CVERecord?id=CVE-2019-10939"},{"name":"CVE-2019-19300","url":"https://www.cve.org/CVERecord?id=CVE-2019-19300"},{"name":"CVE-2019-19301","url":"https://www.cve.org/CVERecord?id=CVE-2019-19301"}],"links":[],"reference":"CERTFR-2020-AVI-207","revisions":[{"description":"Version initiale","revision_date":"2020-04-14T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-886514 du 14 avril 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-886514.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-102233 du 14 avril 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-102233.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-359303 du 14 avril 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-359303.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-162506 du 14 avril 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-593272 du 14 avril 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-593272.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-377115 du 14 avril 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf"}]}