VDB
CNVD-2021-54367
CNVD-2021-54367
PUBLISHED
Siemens SIMATIC WinCC等都是德国西门子(Siemens)公司的产品。SIMATIC WinCC是一套自动化的数据采集与监控(SCADA)系统。Siemens SIMATIC HMI Comfort Panels是一款触摸面板设备。Siemens SIMATIC HMI Comfort Outdoor Panels是一款专用于户外的触摸面板设备。 多款Siemens产品中存在权限许可和访问控制问题漏洞。该漏洞源于网络系统或产品缺乏有效的权限许可和访问控制措施。攻击者可利用漏洞损害受影响系统的机密性和完整性。
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants) < V15.1 Update 1 | ||
| Siemens SIMATIC WinCC Runtime Advanced < V15.1 Update 1 | ||
| Siemens SIMATIC WinCC (TIA Portal) < V15.1 Update 1 | ||
| Siemens SIMATIC HMI Classic Devices - TP/MP/OP/MP Mobile Panel (incl. SIPLUS variants) | ||
| Siemens SIMATIC HMI KTP Mobile Panels KTP400F,KTP700,KTP700F,KTP900 and KTP900F < V15.1 Update 1 | ||
| Siemens SIMATIC WinCC Runtime Professional < V15.1 Update 1 | ||
| Siemens SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) < V15.1 Update 1 |
Timeline
- May 14, 2019 CVE ID Reserved
- Jul 24, 2021 CVE Published