{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Spectrum Power 7 versions ant\u00e9rieures \u00e0 V23Q4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"CP-8050 MASTER MODULE (6MF2805-0AA00) versions ant\u00e9rieures \u00e0 CPCI85 V05.20","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Teamcenter Visualization versions V14.2 ant\u00e9rieures \u00e0 V14.2.0.9","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"JT2Go versions ant\u00e9rieures \u00e0 V14.3.0.6","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Teamcenter Visualization versions V14.1 ant\u00e9rieures \u00e0 V14.1.0.12","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC IPC647E avec maxView Storage Manager versions ant\u00e9rieures \u00e0 V4.14.00.26068 sur Windows","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC IPC847E avec maxView Storage Manager versions ant\u00e9rieures \u00e0 V4.14.00.26068 sur Windows","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CN 4100 versions ant\u00e9rieures \u00e0 V2.7","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC IPC1047E avec maxView Storage Manager versions ant\u00e9rieures \u00e0 V4.14.00.26068 sur Windows","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"CP-8031 MASTER MODULE (6MF2803-1AA00) versions ant\u00e9rieures \u00e0 CPCI85 V05.20","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Teamcenter Visualization versions V14.3 ant\u00e9rieures \u00e0 V14.3.0.6","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Teamcenter Visualization versions V13.3 ant\u00e9rieures \u00e0 V13.3.0.13","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Solid Edge SE2023 versions ant\u00e9rieures \u00e0 V223.0 Update 10","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2023-49252","url":"https://www.cve.org/CVERecord?id=CVE-2023-49252"},{"name":"CVE-2023-49123","url":"https://www.cve.org/CVERecord?id=CVE-2023-49123"},{"name":"CVE-2023-42797","url":"https://www.cve.org/CVERecord?id=CVE-2023-42797"},{"name":"CVE-2023-49132","url":"https://www.cve.org/CVERecord?id=CVE-2023-49132"},{"name":"CVE-2023-51744","url":"https://www.cve.org/CVERecord?id=CVE-2023-51744"},{"name":"CVE-2023-49251","url":"https://www.cve.org/CVERecord?id=CVE-2023-49251"},{"name":"CVE-2023-51438","url":"https://www.cve.org/CVERecord?id=CVE-2023-51438"},{"name":"CVE-2023-49122","url":"https://www.cve.org/CVERecord?id=CVE-2023-49122"},{"name":"CVE-2023-51746","url":"https://www.cve.org/CVERecord?id=CVE-2023-51746"},{"name":"CVE-2023-51439","url":"https://www.cve.org/CVERecord?id=CVE-2023-51439"},{"name":"CVE-2023-51745","url":"https://www.cve.org/CVERecord?id=CVE-2023-51745"},{"name":"CVE-2023-49124","url":"https://www.cve.org/CVERecord?id=CVE-2023-49124"},{"name":"CVE-2023-49130","url":"https://www.cve.org/CVERecord?id=CVE-2023-49130"},{"name":"CVE-2023-49131","url":"https://www.cve.org/CVERecord?id=CVE-2023-49131"},{"name":"CVE-2023-49129","url":"https://www.cve.org/CVERecord?id=CVE-2023-49129"},{"name":"CVE-2023-44120","url":"https://www.cve.org/CVERecord?id=CVE-2023-44120"},{"name":"CVE-2023-49621","url":"https://www.cve.org/CVERecord?id=CVE-2023-49621"},{"name":"CVE-2023-49126","url":"https://www.cve.org/CVERecord?id=CVE-2023-49126"},{"name":"CVE-2023-49121","url":"https://www.cve.org/CVERecord?id=CVE-2023-49121"},{"name":"CVE-2023-49127","url":"https://www.cve.org/CVERecord?id=CVE-2023-49127"},{"name":"CVE-2023-49128","url":"https://www.cve.org/CVERecord?id=CVE-2023-49128"}],"links":[],"reference":"CERTFR-2024-AVI-0014","revisions":[{"description":"Version initiale","revision_date":"2024-01-09T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-777015 du 09 janvier 2024","url":"https://cert-portal.siemens.com/productcert/html/ssa-777015.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-794653 du 09 janvier 2024","url":"https://cert-portal.siemens.com/productcert/html/ssa-794653.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-583634 du 09 janvier 2024","url":"https://cert-portal.siemens.com/productcert/html/ssa-583634.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-702935 du 09 janvier 2024","url":"https://cert-portal.siemens.com/productcert/html/ssa-702935.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-589891 du 09 janvier 2024","url":"https://cert-portal.siemens.com/productcert/html/ssa-589891.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-786191 du 09 janvier 2024","url":"https://cert-portal.siemens.com/productcert/html/ssa-786191.html"}]}