{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"SIMATIC PCS 7 V9.1 versions ant\u00e9rieures \u00e0 V9.1 SP2 UC04","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC versions ant\u00e9rieures \u00e0 V19 Update 1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC S7-1500 TM MFP toutes versions pour les vuln\u00e9rabilit\u00e9s CVE-2023-5678, CVE-2023-6121, CVE-2023-6817, CVE-2023-6931, CVE-2023-6932, CVE-2023-45898, CVE-2024-0584 et CVE-2024-0727.","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Scalance W1750D versions ant\u00e9rieures \u00e0 V8.10.0.9","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC versions ant\u00e9rieures \u00e0 V7.5 SP2 Update 16","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2023-45898","url":"https://www.cve.org/CVERecord?id=CVE-2023-45898"},{"name":"CVE-2024-0584","url":"https://www.cve.org/CVERecord?id=CVE-2024-0584"},{"name":"CVE-2023-35982","url":"https://www.cve.org/CVERecord?id=CVE-2023-35982"},{"name":"CVE-2023-6817","url":"https://www.cve.org/CVERecord?id=CVE-2023-6817"},{"name":"CVE-2023-35981","url":"https://www.cve.org/CVERecord?id=CVE-2023-35981"},{"name":"CVE-2024-0727","url":"https://www.cve.org/CVERecord?id=CVE-2024-0727"},{"name":"CVE-2023-6932","url":"https://www.cve.org/CVERecord?id=CVE-2023-6932"},{"name":"CVE-2023-50821","url":"https://www.cve.org/CVERecord?id=CVE-2023-50821"},{"name":"CVE-2023-5678","url":"https://www.cve.org/CVERecord?id=CVE-2023-5678"},{"name":"CVE-2023-35980","url":"https://www.cve.org/CVERecord?id=CVE-2023-35980"},{"name":"CVE-2023-6121","url":"https://www.cve.org/CVERecord?id=CVE-2023-6121"},{"name":"CVE-2023-6931","url":"https://www.cve.org/CVERecord?id=CVE-2023-6931"}],"links":[],"reference":"CERTFR-2024-AVI-0281","revisions":[{"description":"Version initiale","revision_date":"2024-04-09T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans <span\nclass=\"textit\">les produits Siemens</span>. Certaines d'entre elles\npermettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un\nd\u00e9ni de service \u00e0 distance et une ex\u00e9cution de code arbitraire \u00e0\ndistance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-730482 du 09 avril 2024","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-730482.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-885980 du 09 avril 2024","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-885980.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-265688 du 09 avril 2024","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-265688.pdf"}]}