cbcvebase.
CVE-2020-10055
published 2020-08-14

CVE-2020-10055: A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are…

PriorityP269critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
5.98%
92.4th percentile
A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges.

Affected

8 ranges
VendorProductVersion rangeFixed in
siemensdesigo_consumption_control
siemensdesigo_consumption_control
siemensdesigo_consumption_control_compact
siemensdesigo_consumption_control_compact
siemens_agdesigo_cc
siemens_agdesigo_cc
siemens_agdesigo_cc_compact
siemens_agdesigo_cc_compact

Detection & IOCsextracted from sources · hover to see the quote

  • The vulnerability is only exploitable when the Advanced Reporting Engine (BIRT) extension module is enabled/installed on Desigo CC or Desigo CC Compact. Detection should focus on identifying whether this module is active and whether unauthenticated remote requests are being made to its endpoints.
  • The vulnerability allows unauthenticated remote attackers to execute arbitrary commands with SYSTEM privileges. Monitor for unexpected SYSTEM-level process spawning from the Desigo CC application server process, especially child processes initiated by the BIRT reporting component.
  • No known public exploits exist as of the advisory date; however, the attack vector is network-based with no authentication required and low complexity. Prioritize monitoring inbound network traffic to Desigo CC servers for anomalous or unexpected requests targeting reporting engine endpoints.
  • ·The vulnerability is only present and exploitable if the Advanced Reporting Engine (BIRT) extension module is installed and enabled. Systems where this module has not been installed are not affected.

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.