CVE-2019-10915
published 2019-07-11CVE-2019-10915: A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator)…
PriorityP346high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EXPLOIT
EPSS
0.90%
55.1th percentile
A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | sinetplan | — | — |
| siemens | tia_administrator | — | — |
| siemens_ag | tia_administrator | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Siemens SINETPLAN
cisa_ics·2019-09-10·CVSS 7.8
[HIGH] Siemens SINETPLAN
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Siemens SINETPLAN
Last RevisedSeptember 10, 2019
Alert CodeICSA-19-253-02
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.0
- ATTENTION: Low skill level to exploit
- Vendor: Siemens
- Equipment: Siemens Network Planner (SINETPLAN)
- Vulnerability: Improper Authorization
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow information disclosure, code execution, and denial-of-service.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of SINETPLAN, an automation systems planner, are affected:
- SINETPLAN Version 2.0
## 3.2 VULNERABIL
CISA ICS
Siemens TIA Administrator (TIA Portal)
cisa_ics·2019-07-11·CVSS 7.8
[HIGH] Siemens TIA Administrator (TIA Portal)
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Siemens TIA Administrator (TIA Portal)
Last RevisedJuly 11, 2019
Alert CodeICSA-19-192-03
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.0
- ATTENTION: Low skill level to exploit
- Vendor: Siemens
- Equipment: TIA Administrator (TIA Portal)
- Vulnerability: Improper Access Control
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an execution of some commands without proper authentication.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of TIA Administrator are affected:
- TIA Administrator: All versions prior to v1.0 SP1 Upd1
GHSA
GHSA-pvc7-g7m2-hrpc: A vulnerability has been identified in TIA Administrator (All versions < V1
ghsa_unreviewed·2022-05-24
CVE-2019-10915 [HIGH] CWE-306 GHSA-pvc7-g7m2-hrpc: A vulnerability has been identified in TIA Administrator (All versions < V1
A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The integrated configuration web application (TIA Administrator) allows to execute certain application commands without proper authentication. The vulnerability could be exploited by an attacker with local access to the affected system. Successful exploitation requires no privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
No detection rules found.
Tenable
Tenable Research Discovers Vulnerability in Siemens Critical Infrastructure Design Software
blogs_tenable·2019-07-09·CVSS 7.8
[HIGH] Tenable Research Discovers Vulnerability in Siemens Critical Infrastructure Design Software
## Tenable Research Discovers Vulnerability in Siemens Critical Infrastructure Design Software
July 9, 2019
·
Columbia, MD
Tenable®, Inc. , the Cyber Exposure company, today announced its research team discovered a critical vulnerability in Siemens STEP 7 TIA Portal, design and automation software for industrial control systems (ICS). The vulnerability, which impacts the same family of devices compromised in the STUXNET attack, could be used as a stepping stone in a tailored attack against critical infrastructure, with the potential for catastrophic damage.
The flaw [CVE-2019-10915] would allow an unauthenticated, remote attacker to perform any administrative actions on the system, enabling them to add malicious code to adjacent ICS. A bad actor could also exploit the vulnerability to h
Tenable
Tenable Research Discloses Critical Vulnerability in Siemens STEP 7 (CVE-2019-10915)
blogs_tenable·2019-07-09·CVSS 7.8
[HIGH] Tenable Research Discloses Critical Vulnerability in Siemens STEP 7 (CVE-2019-10915)
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Tenable
Tenable Research Discloses Critical Vulnerability in Siemens STEP 7 (CVE-2019-10915)
blogs_tenable·2019-07-09·CVSS 7.8
CVE-2019-10915 [HIGH] Tenable Research Discloses Critical Vulnerability in Siemens STEP 7 (CVE-2019-10915)
Blog / Research
Subscribe
# Tenable Research Discloses Critical Vulnerability in Siemens STEP 7 (CVE-2019-10915)
Tenable Research
July 9, 2019
2 Min Read
Tenable Research has discovered a critical vulnerability in Siemens TIA Portal (also referenced as STEP 7) that would allow an attacker to perform administrative actions. Siemens has released an update and security advisory.
- What you need to know: Tenable Research has disclosed an unauthenticated RCE in Siemens SIMATIC STEP 7 V15.1.
- What’s the attack vector? Authentication bypass in the TIA Administrator server through websockets on the node.js server.
- What’s the business impact? Attackers could perform any administrative actions on the TIA Portal, including elevating privileges or sending malicious firmware updates.
- What’s
http://www.securityfocus.com/bid/109124https://cert-portal.siemens.com/productcert/pdf/ssa-721298.pdfhttps://cert-portal.siemens.com/productcert/pdf/ssa-834884.pdfhttps://www.us-cert.gov/ics/advisories/icsa-19-253-02http://www.securityfocus.com/bid/109124https://cert-portal.siemens.com/productcert/pdf/ssa-721298.pdfhttps://cert-portal.siemens.com/productcert/pdf/ssa-834884.pdfhttps://www.us-cert.gov/ics/advisories/icsa-19-253-02
2019-07-11
Published