VDB
CNVD-2023-97278
CNVD-2023-97278
PUBLISHED
CVSS 7.099999904632568 HIGH
Opcenter Quality是一种质量管理体系(QMS),使组织能够通过提高流程稳定性来保障合规性、优化质量、降低缺陷和返工成本并实现卓越运营。SIMATIC PCS neo是一种分布式控制系统(DCS)。SINUMERIK集成产品套件有助于在生产环境的IT中实现机床的简单联网。Totally Integrated Automation Portal (TIA Portal)是一款PC软件,可提供西门子数字化自动化服务的完整范围,从数字规划、集成工程到透明操作。User Management Component (UMC) 是一个集成组件,可实现对用户的全系统集中维护。 Siemens User Management Component (UMC)存在未明漏洞,攻击者可利用该漏洞欺骗合法用户以触发不必要的行为。
Risk Scores
CVSS 3.1
7.099999904632568
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Totally Integrated Automation Portal (TIA Portal) V16 | 0 |
| Siemens | Opcenter Quality | 0 |
| Siemens | Totally Integrated Automation Portal (TIA Portal) V15.1 | 0 |
| Siemens | Totally Integrated Automation Portal (TIA Portal) V17 | 0 |
| Siemens | Totally Integrated Automation Portal (TIA Portal) V18 | 0 |
| Siemens | SINEC NMS | 0 |
| Siemens | SIMATIC PCS neo | 0 |
| Siemens | Opcenter Execution Foundation | 0 |
| Siemens | Totally Integrated Automation Portal (TIA Portal) V14 | 0 |
Exploit Intelligence
Timeline
- Dec 11, 2023 CVE Published
- Jan 2, 2024 PoC Published