{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Teamcenter Active Workspace versions 5.2.x ant\u00e9rieures \u00e0 5.2.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"JTTK versions ant\u00e9rieures \u00e0 11.0.3.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SiPass integrated versions ant\u00e9rieures \u00e0 2.76","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINUMERIK Edge versions ant\u00e9rieures \u00e0 3.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ITC2200 V3 PRO versions ant\u00e9rieures \u00e0 3.2.1.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC eaSie PCS 7 Skill Package (6DL5424-0BX00-0AV8) versions ant\u00e9rieures \u00e0 21.00 SP3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Siveillance Identity V5 versions ant\u00e9rieures \u00e0 1.6.284, ou sans le correctif de s\u00e9curit\u00e9 SP5","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Desigo PXC00-U toutes versions post\u00e9rieures \u00e0 2.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ITC1900 V3 versions ant\u00e9rieures \u00e0 3.2.1.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"JT2Go versions ant\u00e9rieures \u00e0 13.2.0.5","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) versions ant\u00e9rieures \u00e0 2.41","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Desigo PXC22.1-E.D toutes versions post\u00e9rieures \u00e0 2.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Desigo PXC001-E.D toutes versions post\u00e9rieures \u00e0 2.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"JTTK versions ant\u00e9rieures \u00e0 10.8.1.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) versions ant\u00e9rieures \u00e0 2.41","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"APOGEE MEC (PPC) (BACnet) toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Siveillance Identity V1.6 versions ant\u00e9rieures \u00e0 1.6.284.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"APOGEE PXC Compact (P2 Ethernet) toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"JTTK versions ant\u00e9rieures \u00e0 11.1.1.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"JT Utilities versions ant\u00e9rieures \u00e0 12.8.1.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Desigo PXC50-E.D toutes versions post\u00e9rieures \u00e0 2.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Desigo PXC200-E.D toutes versions post\u00e9rieures \u00e0 2.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Desigo PXC36.1-E.D toutes versions post\u00e9rieures \u00e0 2.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Desigo PXC00-E.D toutes versions post\u00e9rieures \u00e0 2.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SiPass integrated versions ant\u00e9rieures \u00e0 2.80","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"APOGEE PXC Modular (BACnet) toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Teamcenter Visualization versions ant\u00e9rieures \u00e0 13.2.0.5","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Desigo PXC22-E.D toutes versions post\u00e9rieures \u00e0 2.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Simcenter STAR-CCM+ Viewer versions ant\u00e9rieures \u00e0 2021.3.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Teamcenter Active Workspace versions 5.1.x ant\u00e9rieures \u00e0 5.1.6","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Capital VSTAR toutes versions avec l'option Ethernet activ\u00e9e","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SiPass integrated versions ant\u00e9rieures \u00e0 2.85","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"JT Utilities versions ant\u00e9rieures \u00e0 13.1.1.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) versions ant\u00e9rieures \u00e0 2.41","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Desigo PXC100-E.D toutes versions post\u00e9rieures \u00e0 2.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"ModelSim Simulation toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"APOGEE PXC Modular (P2 Ethernet) toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ITC2200 V3 versions ant\u00e9rieures \u00e0 3.2.1.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Desigo PXC12-E.D toutes versions post\u00e9rieures \u00e0 2.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Questa Simulation toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"JT Utilities versions ant\u00e9rieures \u00e0 13.0.3.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Teamcenter Active Workspace versions 5.0.x ant\u00e9rieures \u00e0 5.0.10","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Desigo PXC128-U toutes versions post\u00e9rieures \u00e0 2.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"APOGEE MEC (PPC) (P2 Ethernet) toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ITC1900 V3 PRO versions ant\u00e9rieures \u00e0 3.2.1.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Teamcenter Active Workspace versions 4.3.x ant\u00e9rieures \u00e0 V4.3.11","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"APOGEE PXC Compact (BACnet) toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) versions ant\u00e9rieures \u00e0 2.41","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"APOGEE MBC (PPC) (P2 Ethernet) toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"APOGEE MBC (PPC) (BACnet) toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ITC1500 V3 PRO versions ant\u00e9rieures \u00e0 3.2.1.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ITC1500 V3 versions ant\u00e9rieures \u00e0 3.2.1.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Desigo PXC64-U toutes versions post\u00e9rieures \u00e0 2.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2021-44443","url":"https://www.cve.org/CVERecord?id=CVE-2021-44443"},{"name":"CVE-2021-31881","url":"https://www.cve.org/CVERecord?id=CVE-2021-31881"},{"name":"CVE-2021-44444","url":"https://www.cve.org/CVERecord?id=CVE-2021-44444"},{"name":"CVE-2021-44009","url":"https://www.cve.org/CVERecord?id=CVE-2021-44009"},{"name":"CVE-2021-31888","url":"https://www.cve.org/CVERecord?id=CVE-2021-31888"},{"name":"CVE-2021-44447","url":"https://www.cve.org/CVERecord?id=CVE-2021-44447"},{"name":"CVE-2018-20749","url":"https://www.cve.org/CVERecord?id=CVE-2018-20749"},{"name":"CVE-2021-44013","url":"https://www.cve.org/CVERecord?id=CVE-2021-44013"},{"name":"CVE-2021-31885","url":"https://www.cve.org/CVERecord?id=CVE-2021-31885"},{"name":"CVE-2021-31887","url":"https://www.cve.org/CVERecord?id=CVE-2021-31887"},{"name":"CVE-2019-15690","url":"https://www.cve.org/CVERecord?id=CVE-2019-15690"},{"name":"CVE-2021-44012","url":"https://www.cve.org/CVERecord?id=CVE-2021-44012"},{"name":"CVE-2020-14396","url":"https://www.cve.org/CVERecord?id=CVE-2020-14396"},{"name":"CVE-2021-44001","url":"https://www.cve.org/CVERecord?id=CVE-2021-44001"},{"name":"CVE-2020-14404","url":"https://www.cve.org/CVERecord?id=CVE-2020-14404"},{"name":"CVE-2021-44430","url":"https://www.cve.org/CVERecord?id=CVE-2021-44430"},{"name":"CVE-2021-44440","url":"https://www.cve.org/CVERecord?id=CVE-2021-44440"},{"name":"CVE-2021-44432","url":"https://www.cve.org/CVERecord?id=CVE-2021-44432"},{"name":"CVE-2021-44445","url":"https://www.cve.org/CVERecord?id=CVE-2021-44445"},{"name":"CVE-2021-31884","url":"https://www.cve.org/CVERecord?id=CVE-2021-31884"},{"name":"CVE-2021-44434","url":"https://www.cve.org/CVERecord?id=CVE-2021-44434"},{"name":"CVE-2021-44449","url":"https://www.cve.org/CVERecord?id=CVE-2021-44449"},{"name":"CVE-2019-15681","url":"https://www.cve.org/CVERecord?id=CVE-2019-15681"},{"name":"CVE-2021-44435","url":"https://www.cve.org/CVERecord?id=CVE-2021-44435"},{"name":"CVE-2021-42023","url":"https://www.cve.org/CVERecord?id=CVE-2021-42023"},{"name":"CVE-2021-44442","url":"https://www.cve.org/CVERecord?id=CVE-2021-44442"},{"name":"CVE-2021-44002","url":"https://www.cve.org/CVERecord?id=CVE-2021-44002"},{"name":"CVE-2021-44014","url":"https://www.cve.org/CVERecord?id=CVE-2021-44014"},{"name":"CVE-2021-44436","url":"https://www.cve.org/CVERecord?id=CVE-2021-44436"},{"name":"CVE-2021-31882","url":"https://www.cve.org/CVERecord?id=CVE-2021-31882"},{"name":"CVE-2021-44438","url":"https://www.cve.org/CVERecord?id=CVE-2021-44438"},{"name":"CVE-2021-44006","url":"https://www.cve.org/CVERecord?id=CVE-2021-44006"},{"name":"CVE-2021-41547","url":"https://www.cve.org/CVERecord?id=CVE-2021-41547"},{"name":"CVE-2021-44008","url":"https://www.cve.org/CVERecord?id=CVE-2021-44008"},{"name":"CVE-2021-44017","url":"https://www.cve.org/CVERecord?id=CVE-2021-44017"},{"name":"CVE-2021-44441","url":"https://www.cve.org/CVERecord?id=CVE-2021-44441"},{"name":"CVE-2021-44011","url":"https://www.cve.org/CVERecord?id=CVE-2021-44011"},{"name":"CVE-2018-20748","url":"https://www.cve.org/CVERecord?id=CVE-2018-20748"},{"name":"CVE-2019-20788","url":"https://www.cve.org/CVERecord?id=CVE-2019-20788"},{"name":"CVE-2021-44446","url":"https://www.cve.org/CVERecord?id=CVE-2021-44446"},{"name":"CVE-2021-44010","url":"https://www.cve.org/CVERecord?id=CVE-2021-44010"},{"name":"CVE-2021-44522","url":"https://www.cve.org/CVERecord?id=CVE-2021-44522"},{"name":"CVE-2021-44448","url":"https://www.cve.org/CVERecord?id=CVE-2021-44448"},{"name":"CVE-2021-44523","url":"https://www.cve.org/CVERecord?id=CVE-2021-44523"},{"name":"CVE-2019-20840","url":"https://www.cve.org/CVERecord?id=CVE-2019-20840"},{"name":"CVE-2021-31346","url":"https://www.cve.org/CVERecord?id=CVE-2021-31346"},{"name":"CVE-2018-20750","url":"https://www.cve.org/CVERecord?id=CVE-2018-20750"},{"name":"CVE-2021-42022","url":"https://www.cve.org/CVERecord?id=CVE-2021-42022"},{"name":"CVE-2021-44433","url":"https://www.cve.org/CVERecord?id=CVE-2021-44433"},{"name":"CVE-2021-44004","url":"https://www.cve.org/CVERecord?id=CVE-2021-44004"},{"name":"CVE-2017-18922","url":"https://www.cve.org/CVERecord?id=CVE-2017-18922"},{"name":"CVE-2021-44524","url":"https://www.cve.org/CVERecord?id=CVE-2021-44524"},{"name":"CVE-2021-44003","url":"https://www.cve.org/CVERecord?id=CVE-2021-44003"},{"name":"CVE-2021-44007","url":"https://www.cve.org/CVERecord?id=CVE-2021-44007"},{"name":"CVE-2021-42024","url":"https://www.cve.org/CVERecord?id=CVE-2021-42024"},{"name":"CVE-2019-20839","url":"https://www.cve.org/CVERecord?id=CVE-2019-20839"},{"name":"CVE-2021-44431","url":"https://www.cve.org/CVERecord?id=CVE-2021-44431"},{"name":"CVE-2021-31889","url":"https://www.cve.org/CVERecord?id=CVE-2021-31889"},{"name":"CVE-2021-44005","url":"https://www.cve.org/CVERecord?id=CVE-2021-44005"},{"name":"CVE-2020-14402","url":"https://www.cve.org/CVERecord?id=CVE-2020-14402"},{"name":"CVE-2020-14397","url":"https://www.cve.org/CVERecord?id=CVE-2020-14397"},{"name":"CVE-2021-31883","url":"https://www.cve.org/CVERecord?id=CVE-2021-31883"},{"name":"CVE-2020-14398","url":"https://www.cve.org/CVERecord?id=CVE-2020-14398"},{"name":"CVE-2020-14403","url":"https://www.cve.org/CVERecord?id=CVE-2020-14403"},{"name":"CVE-2021-44439","url":"https://www.cve.org/CVERecord?id=CVE-2021-44439"},{"name":"CVE-2021-44015","url":"https://www.cve.org/CVERecord?id=CVE-2021-44015"},{"name":"CVE-2021-44437","url":"https://www.cve.org/CVERecord?id=CVE-2021-44437"},{"name":"CVE-2021-31886","url":"https://www.cve.org/CVERecord?id=CVE-2021-31886"},{"name":"CVE-2021-44450","url":"https://www.cve.org/CVERecord?id=CVE-2021-44450"},{"name":"CVE-2021-42027","url":"https://www.cve.org/CVERecord?id=CVE-2021-42027"},{"name":"CVE-2021-31890","url":"https://www.cve.org/CVERecord?id=CVE-2021-31890"},{"name":"CVE-2020-14405","url":"https://www.cve.org/CVERecord?id=CVE-2020-14405"},{"name":"CVE-2021-31345","url":"https://www.cve.org/CVERecord?id=CVE-2021-31345"},{"name":"CVE-2018-20019","url":"https://www.cve.org/CVERecord?id=CVE-2018-20019"},{"name":"CVE-2018-15127","url":"https://www.cve.org/CVERecord?id=CVE-2018-15127"},{"name":"CVE-2018-21247","url":"https://www.cve.org/CVERecord?id=CVE-2018-21247"},{"name":"CVE-2021-44165","url":"https://www.cve.org/CVERecord?id=CVE-2021-44165"},{"name":"CVE-2021-31344","url":"https://www.cve.org/CVERecord?id=CVE-2021-31344"},{"name":"CVE-2020-14401","url":"https://www.cve.org/CVERecord?id=CVE-2020-14401"}],"links":[],"reference":"CERTFR-2021-AVI-949","revisions":[{"description":"Version initiale","revision_date":"2021-12-15T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"D\u00e9ni de service"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service et un\ncontournement de la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-620288 du 14 d\u00e9cembre 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-620288.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-133772 du 14 d\u00e9cembre 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-133772.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-199605 du 14 d\u00e9cembre 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-199605.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-595101 du 14 d\u00e9cembre 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-595101.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-496292 du 14 d\u00e9cembre 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-496292.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-400332 du 14 d\u00e9cembre 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-400332.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-463116 du 14 d\u00e9cembre 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-463116.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-523250 du 14 d\u00e9cembre 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-523250.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-352143 du 14 d\u00e9cembre 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-352143.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-390195 du 14 d\u00e9cembre 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-390195.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-396621 du 14 d\u00e9cembre 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-396621.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-802578 du 14 d\u00e9cembre 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-802578.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-160202 du 14 d\u00e9cembre 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-160202.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-161331 du 14 d\u00e9cembre 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-161331.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-114589 du 14 d\u00e9cembre 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-114589.pdf"}]}