VDB
ICSA-20-014-04
ICSA-20-014-04
PUBLISHED
CVSS 6.800000190734863 MEDIUM
Successful exploitation of this vulnerability could allow an unauthorized attacker with physical access to the affected device to restart the HMI with disabled security controls, which could be used to launch further attacks against the affected device.
Risk Scores
CVSS 3.1
6.800000190734863
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SINAMICS PERFECT HARMONY GH180 Drives: All versions |
Timeline
- Jan 14, 2020 CVE Published
References
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsa-20-014-04.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-20-014-04 advisory
- https://www.us-cert.gov/ics/alerts/ICS-ALERT-10-301-01 url
- https://www.us-cert.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://www.us-cert.gov/ics/tips/ICS-TIP-12-146-01B url
- https://cert-portal.siemens.com/productcert/txt/SSA-242353.txt url