Vulnerability Name:

CVE-2019-10930 (CCN-163564)

Assigned:2019-07-09
Published:2019-07-09
Updated:2020-06-10
Summary:A vulnerability has been identified in All other SIPROTEC 5 device types with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions ), DIGSI 5 engineering software (All versions < V7.90), SIPROTEC 5 device types 6MD85, 6MD86, 6MD89, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87, 7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86, 7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82, 7UT85, 7UT86, 7UT87 and 7VE85 with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions < V7.90), SIPROTEC 5 device types 7SS85 and 7KE85 (All versions < V8.01), SIPROTEC 5 device types with CPU variants CP200 and the respective Ethernet communication modules (All versions). A remote attacker could use specially crafted packets sent to port 443/TCP to upload, download or delete files in certain parts of the file system.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availibility (A): None
7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:6.4 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-434
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2019-10930

Source: MISC
Type: Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-899560.pdf

Source: CCN
Type: Siemens Security Advisory SSA-899560
Vulnerabilities in SIPROTEC 5 relays and DIGSI 5

Source: XF
Type: UNKNOWN
siemens-cve201910930-sec-bypass(163564)

Source: CCN
Type: ICSA-19-190-05
Siemens SIPROTEC 5 and DIGSI 5

Vulnerable Configuration:Configuration 1:
  • cpe:/a:siemens:digsi_5_engineering_software:7.90:*:*:*:*:*:*:*
  • OR cpe:/a:siemens:siprotec_5_digsi_device_driver:7.90:*:*:*:*:*:*:*
  • AND
  • cpe:/h:siemens:6md85:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:6md86:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:6md89:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7sa82:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7sa86:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7sa87:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7sd82:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7sd86:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7sd87:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7sj82:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7sj85:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7sj86:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7sk82:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7sk85:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7sl82:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7sl86:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7sl87:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7um85:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7ut82:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7ut85:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7ut86:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7ut87:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7ve85:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:7vk87:-:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/h:siemens:siprotec_5:-:*:*:*:*:*:*:*
  • OR cpe:/h:siemens:digsi_5:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    siemens digsi 5 engineering software 7.90
    siemens siprotec 5 digsi device driver 7.90
    siemens 6md85 -
    siemens 6md86 -
    siemens 6md89 -
    siemens 7sa82 -
    siemens 7sa86 -
    siemens 7sa87 -
    siemens 7sd82 -
    siemens 7sd86 -
    siemens 7sd87 -
    siemens 7sj82 -
    siemens 7sj85 -
    siemens 7sj86 -
    siemens 7sk82 -
    siemens 7sk85 -
    siemens 7sl82 -
    siemens 7sl86 -
    siemens 7sl87 -
    siemens 7um85 -
    siemens 7ut82 -
    siemens 7ut85 -
    siemens 7ut86 -
    siemens 7ut87 -
    siemens 7ve85 -
    siemens 7vk87 -
    siemens siprotec 5 -
    siemens digsi 5 -