VDB
CNVD-2024-31242
CNVD-2024-31242
PUBLISHED
CVSS 6.5 MEDIUM
Totally Integrated Automation Portal (TIA Portal)是一款PC软件,可提供西门子数字化自动化服务的完整范围,从数字规划、集成工程到透明操作。 Siemens Engineering Platforms目录配置文件存在反序列化漏洞,攻击者可利用该漏洞造成类型混淆,并在受影响的应用程序中执行任意代码。
Risk Scores
CVSS v3.1
6.5
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | SIRIUS Safety ES V17 | 0 |
| Siemens | SIMATIC STEP 7 Safety V16 | 0 |
| siemens | tia_portal_cloud_v3.0 | 0 |
| Siemens | Soft Starter ES V16 | 0 |
| Siemens | SIMOTION SCOUT TIA V5.4 SP3 | 0 |
| siemens | simotion_scout_tia | v5.5sp1, v5.4sp3, v5.4sp1 |
| Siemens | SIRIUS Soft Starter ES V18 | 0 |
| siemens | simatic_wincc_unified | 0, 0, 0 |
| siemens | simatic_step_7 | 0, 0, 0 |
| Siemens | SIMATIC STEP 7 Safety V17 | 0 |
| Siemens | SIMOCODE ES V18 | 0 |
| Siemens | SINAMICS Startdrive V16 | 0 |
| Siemens | SINAMICS Startdrive V17 | 0 |
| Siemens | SIMOCODE ES V17 | 0 |
| Siemens | SIMATIC STEP 7 V17 | 0 |
| Siemens | SIMATIC STEP 7 V16 | 0 |
| Siemens | SIMATIC WinCC Unified V18 | 0 |
| Siemens | SIMOTION SCOUT TIA V5.5 SP1 | 0 |
| Siemens | SIMATIC WinCC Unified V16 | 0 |
| Siemens | SIMOTION SCOUT TIA V5.4 SP1 | 0 |
…and 18 more
Timeline
- Jul 9, 2024 CVE Published