CVE-2019-6579
published 2019-04-17CVE-2019-6579: A vulnerability has been identified in Spectrum Power 4 (with Web Office Portal). An attacker with network access to the web server on port 80/TCP or 443/TCP…
PriorityP266critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
2.28%
81.0th percentile
A vulnerability has been identified in Spectrum Power 4 (with Web Office Portal). An attacker with network access to the web server on port 80/TCP or 443/TCP could execute system commands with administrative privileges. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected service. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises confidentiality, integrity or availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens_ag | spectrum_power_4 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Target is the Web Office Portal (WOP) component of Spectrum Power 4; monitor for unauthenticated OS command injection attempts arriving on port 80/TCP or 443/TCP directed at this web server. ↗
- →No authentication or user interaction is required; any inbound HTTP/HTTPS request to the WOP service could be an exploitation attempt — baseline and alert on unexpected command execution processes spawned by the web server process. ↗
- →Exploitation results in system commands running with administrative privileges; look for privileged child processes (e.g., cmd.exe, sh, bash) spawned from the web server on affected Spectrum Power 4 hosts. ↗
- ·Only Spectrum Power 4 installations that have the Web Office Portal (WOP) project enhancement (PE) enabled are vulnerable; installations without WOP are not affected. ↗
- ·The vendor-supplied fix is bugfix bf-47456_PE_WOP_fix; absence of this patch on a Spectrum Power 4 WOP host indicates a vulnerable configuration. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-wq4c-88wr-4h4j: A vulnerability has been identified in Spectrum Power 4 (with Web Office Portal)
ghsa_unreviewed·2022-05-13
CVE-2019-6579 [CRITICAL] GHSA-wq4c-88wr-4h4j: A vulnerability has been identified in Spectrum Power 4 (with Web Office Portal)
A vulnerability has been identified in Spectrum Power 4 (with Web Office Portal). An attacker with network access to the web server on port 80/TCP or 443/TCP could execute system commands with administrative privileges. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected service. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises confidentiality, integrity or availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.
CISA ICS
Siemens Spectrum Power 4.7
cisa_ics·2019-04-09·CVSS 9.8
[CRITICAL] Siemens Spectrum Power 4.7
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Siemens Spectrum Power 4.7
Last RevisedApril 09, 2019
Alert CodeICSA-19-099-02
## 1. EXECUTIVE SUMMARY
-
CVSS v3 10.0
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: Siemens
- Equipment: Spectrum Power 4.7
- Vulnerability: Command Injection
## 2. RISK EVALUATION
Successful exploitation of this vulnerability in versions of Spectrum Power 4 using the user-specific project enhancement (PE) Web Office Portal (WOP) are affected by an OS command injection vulnerability. The vulnerability could be exploited by an unauthenticated attacker with network access
No detection rules found.
No public exploits indexed.
2019-04-17
Published