{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"SCALANCE X308-2 versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X307-3 versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMIT Simulation Platform toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Gamme SIMATIC S7-300 (y compris CPUs ET200 et variantes SIPLUS) toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Gamme SIMATIC S7-400 PN/DP V7 (y compris variantes SIPLUS) toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CFU DIQ (6ES7655-5PX31-1XX0) toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinAC RTX toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINETPLAN toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC TDC CP51M1 toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE W1788-2 EEC M12 (6GK5788-2GY01-0TA0) versions ant\u00e9rieures \u00e0 V3.0.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X306-1LD FE (6GK5306-1BF00-2AA3) versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC STEP 7 (TIA Portal) versions ant\u00e9rieures \u00e0 V17 Update 2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE W1788-1 M12 (6GK5788-1GY01-0AA0) versions ant\u00e9rieures \u00e0 V3.0.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE W1788-2IA M12 (6GK5788-2HY01-0AA0) versions ant\u00e9rieures \u00e0 V3.0.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X310 versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE XR324-4M PoE TS versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC PCS neo (Administration Console) versions ant\u00e9rieures \u00e0 V3.1 SP1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X308-2LD versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X308-2M PoE versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X304-2FE (6GK5304-2BD00-2AA3) versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X320-1-2LD FE (6GK5320-3BF00-2AA3) versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"TIA Portal V15, V15.1, V16 et V17","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC TDC CPU555 toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE XR324-4M EEC versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SICAM A8000 CP-8050 (6MF2805-0AA00) versions ant\u00e9rieures \u00e0 V4.80","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC Energy Manager PRO versions ant\u00e9rieures \u00e0 V7.3 Update 1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE W1788-2 M12 (6GK5788-2GY01-0AA0) versions ant\u00e9rieures \u00e0 V3.0.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X408-2 (6GK5408-2FD00-2AA2) versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X308-2LH versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X307-3LD versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X302-7 EEC versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X308-2LH+ versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC STEP 7 (TIA Portal) versions ant\u00e9rieures \u00e0 V16 Update 5","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X320-1 FE (6GK5320-1BD00-2AA3) versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC STEP 7 (TIA Portal) V15 toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X308-2M TS versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Mendix Applications using Mendix 9 versions ant\u00e9rieures \u00e0 V9.12.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE XR324-12M TS versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X310FE versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X307-2 EEC versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Simcenter Femap versions ant\u00e9rieures \u00e0 V2022.1.","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE XR324-12M versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Gamme SIMATIC S7-410 V8 (y compris variantes SIPLUS) toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Gamme SIMATIC S7-1500 (y compris CPUs ET200 et variantes SIPLUS) versions ant\u00e9rieures \u00e0 V2.0.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Mendix Applications using Mendix 7 versions ant\u00e9rieures \u00e0 V7.23.27 (ne corrige pas toutes les CVE)","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE X308-2M versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Gamme SIMATIC S7-400 H V6 (y compris variantes SIPLUS) versions ant\u00e9rieures \u00e0 V6.0.10","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CFU PA (6ES7655-5PX11-0XX0) toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIPLUS NET SCALANCE X308-2 (6AG1308-2FL10-4AA3) versions ant\u00e9rieures \u00e0 V4.1.4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC Energy Manager Basic versions ant\u00e9rieures \u00e0 V7.3 Update 1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SICAM A8000 CP-8031 (6MF2803-1AA00) versions ant\u00e9rieures \u00e0 V4.80","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Gamme SIMATIC S7-410 V10 (y compris variantes SIPLUS) toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Mendix Applications using Mendix 8 versions ant\u00e9rieures \u00e0 V8.18.14 (ne corrige pas toutes les CVE)","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2022-27241","url":"https://www.cve.org/CVERecord?id=CVE-2022-27241"},{"name":"CVE-2022-26380","url":"https://www.cve.org/CVERecord?id=CVE-2022-26380"},{"name":"CVE-2022-27194","url":"https://www.cve.org/CVERecord?id=CVE-2022-27194"},{"name":"CVE-2022-25754","url":"https://www.cve.org/CVERecord?id=CVE-2022-25754"},{"name":"CVE-2022-28661","url":"https://www.cve.org/CVERecord?id=CVE-2022-28661"},{"name":"CVE-2022-23448","url":"https://www.cve.org/CVERecord?id=CVE-2022-23448"},{"name":"CVE-2022-25753","url":"https://www.cve.org/CVERecord?id=CVE-2022-25753"},{"name":"CVE-2021-40368","url":"https://www.cve.org/CVERecord?id=CVE-2021-40368"},{"name":"CVE-2022-26335","url":"https://www.cve.org/CVERecord?id=CVE-2022-26335"},{"name":"CVE-2022-26334","url":"https://www.cve.org/CVERecord?id=CVE-2022-26334"},{"name":"CVE-2022-23450","url":"https://www.cve.org/CVERecord?id=CVE-2022-23450"},{"name":"CVE-2022-28328","url":"https://www.cve.org/CVERecord?id=CVE-2022-28328"},{"name":"CVE-2022-27481","url":"https://www.cve.org/CVERecord?id=CVE-2022-27481"},{"name":"CVE-2022-25756","url":"https://www.cve.org/CVERecord?id=CVE-2022-25756"},{"name":"CVE-2022-25751","url":"https://www.cve.org/CVERecord?id=CVE-2022-25751"},{"name":"CVE-2022-28329","url":"https://www.cve.org/CVERecord?id=CVE-2022-28329"},{"name":"CVE-2022-25650","url":"https://www.cve.org/CVERecord?id=CVE-2022-25650"},{"name":"CVE-2022-28663","url":"https://www.cve.org/CVERecord?id=CVE-2022-28663"},{"name":"CVE-2022-27480","url":"https://www.cve.org/CVERecord?id=CVE-2022-27480"},{"name":"CVE-2022-28662","url":"https://www.cve.org/CVERecord?id=CVE-2022-28662"},{"name":"CVE-2021-42029","url":"https://www.cve.org/CVERecord?id=CVE-2021-42029"},{"name":"CVE-2022-25622","url":"https://www.cve.org/CVERecord?id=CVE-2022-25622"},{"name":"CVE-2022-25752","url":"https://www.cve.org/CVERecord?id=CVE-2022-25752"},{"name":"CVE-2022-25755","url":"https://www.cve.org/CVERecord?id=CVE-2022-25755"},{"name":"CVE-2022-23449","url":"https://www.cve.org/CVERecord?id=CVE-2022-23449"}],"links":[],"reference":"CERTFR-2022-AVI-329","revisions":[{"description":"Version initiale","revision_date":"2022-04-12T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSIEMENS. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits SIEMENS","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-446448 du 12 avril 2022","url":"https://cert-portal.siemens.com/productcert/html/ssa-446448.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-557541 du 12 avril 2022","url":"https://cert-portal.siemens.com/productcert/html/ssa-557541.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-655554 du 12 avril 2022","url":"https://cert-portal.siemens.com/productcert/html/ssa-655554.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-414513 du 12 avril 2022","url":"https://cert-portal.siemens.com/productcert/html/ssa-414513.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-870917 du 12 avril 2022","url":"https://cert-portal.siemens.com/productcert/html/ssa-870917.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-316850 du 12 avril 2022","url":"https://cert-portal.siemens.com/productcert/html/ssa-316850.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-836527 du 12 avril 2022","url":"https://cert-portal.siemens.com/productcert/html/ssa-836527.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-711829 du 12 avril 2022","url":"https://cert-portal.siemens.com/productcert/html/ssa-711829.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-392912 du 12 avril 2022","url":"https://cert-portal.siemens.com/productcert/html/ssa-392912.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-350757 du 12 avril 2022","url":"https://cert-portal.siemens.com/productcert/html/ssa-350757.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-998762 du 12 avril 2022","url":"https://cert-portal.siemens.com/productcert/html/ssa-998762.html"}]}