{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"S7-PCT toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC Runtime Professional V17 toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC CN 4100 versions ant\u00e9rieures \u00e0 V3.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Sicam CPCI85 Central Processing/Communication versions ant\u00e9rieures \u00e0 V5.30","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC Runtime Professional V16 toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Totally Integrated Automation Portal (TIA Portal) V17 toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC OA V3.17 toutes versions. L'\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2023-46280.","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC V7.4 toutes versions. L'\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2023-46280.","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Totally Integrated Automation Portal (TIA Portal) V18 toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Totally Integrated Automation Portal (TIA Portal) V16 toutes versions. L'\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2023-46280.","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC PCS 7 V9.1 toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC Runtime Professional V19 toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC Automation Tool toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Totally Integrated Automation Portal (TIA Portal) V15.1 toutes versions. L'\u00e9diteur indique que le produit ne b\u00e9n\u00e9ficiera pas de correctif de s\u00e9curit\u00e9 pour la vuln\u00e9rabilit\u00e9 CVE-2023-46280.","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC PDM V9.2 toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC Route Control V9.1 toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC STEP 7 V5 toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC V7.5 toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC Runtime Advanced toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Sicam CPC80 Central Processing/Communication versions ant\u00e9rieures \u00e0 V16.41","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Totally Integrated Automation Portal (TIA Portal) V19 versions ant\u00e9rieures \u00e0 V19 Update 2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Sicam OPUPI0 AMQP/MQTT versions ant\u00e9rieures \u00e0 V5.30","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"TIA Portal Cloud Connector versions ant\u00e9rieures \u00e0 V2.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Sicam SICORE Base system versions ant\u00e9rieures \u00e0 V1.3.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC V8.0 toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC Runtime Professional V18 toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC OA V3.19 versions ant\u00e9rieures \u00e0 V3.19 P010","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC Unified PC Runtime toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC NET PC Software toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC OA V3.18 versions ant\u00e9rieures \u00e0 V3.18 P025","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC BATCH V9.1 toutes versions","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2024-32741","url":"https://www.cve.org/CVERecord?id=CVE-2024-32741"},{"name":"CVE-2024-31484","url":"https://www.cve.org/CVERecord?id=CVE-2024-31484"},{"name":"CVE-2024-31485","url":"https://www.cve.org/CVERecord?id=CVE-2024-31485"},{"name":"CVE-2024-32742","url":"https://www.cve.org/CVERecord?id=CVE-2024-32742"},{"name":"CVE-2023-46280","url":"https://www.cve.org/CVERecord?id=CVE-2023-46280"},{"name":"CVE-2024-31486","url":"https://www.cve.org/CVERecord?id=CVE-2024-31486"},{"name":"CVE-2024-32740","url":"https://www.cve.org/CVERecord?id=CVE-2024-32740"}],"links":[],"reference":"CERTFR-2024-AVI-0393","revisions":[{"description":"Version initiale","revision_date":"2024-05-14T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"D\u00e9ni de service"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans <span\nclass=\"textit\">les produits Siemens</span>. Certaines d'entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-871704 du 14 mai 2024","url":"https://cert-portal.siemens.com/productcert/html/ssa-871704.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-273900 du 14 mai 2024","url":"https://cert-portal.siemens.com/productcert/html/ssa-273900.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-962515 du 14 mai 2024","url":"https://cert-portal.siemens.com/productcert/html/ssa-962515.html"}]}