Network Access Vulnerability in Siemens SIMATIC HMI Devices and WinCC Products
CVE-2019-6576

7.5 HIGH

Summary

A vulnerability in Siemens SIMATIC HMI devices and WinCC products allows an attacker with network access to obtain TLS session keys. This could enable decryption of sensitive TLS traffic between legitimate users and the affected device. The flaw is present in multiple models and versions, posing risks to the confidentiality of communications. At the time of this advisory, there were no known public exploits related to this vulnerability.

Affected Version(s)

SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel): All versions

SIMATIC HMI Comfort Outdoor Panels 7" & 15": All versions < V15.1 Update 1

SIMATIC HMI Comfort Panels 4" - 22": All versions < V15.1 Update 1

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
