RSS   Vulnerabilities for
'Simatic hmi ktp mobile panels ktp700f firmware'
   RSS

2019-04-17
 
CVE-2019-6568

CWE-20
 

 
A vulnerability has been identified in CP1604 (All versions), CP1616 (All versions), SIMATIC CP343-1 Advanced (All versions), SIMATIC CP443-1 (All versions), SIMATIC CP443-1 Advanced (All versions), SIMATIC CP443-1 OPC UA (All versions), SIMATIC ET 200 SP Open Controller CPU 1515SP PC (All versions < V2.1.6), SIMATIC ET 200 SP Open Controller CPU 1515SP PC2 (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions), SIMATIC HMI Comfort Panels 4" - 22" (All versions), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions), SIMATIC IPC DiagMonitor (All versions), SIMATIC RF181-EIP (All versions), SIMATIC RF182C (All versions), SIMATIC RF185C (All versions < V1.1.0), SIMATIC RF186C (All versions < V1.1.0), SIMATIC RF188C (All versions < V1.1.0), SIMATIC RF600R (All versions < V3.2.1), SIMATIC S7-1500 CPU family (All versions < V2.6.1), SIMATIC S7-1500 Software Controller (All versions < V2.7), SIMATIC S7-300 CPU family (All versions < V3.X.16), SIMATIC S7-400 PN (incl. F) V6 and below (All versions), SIMATIC S7-400 PN/DP V7 (incl. F) (All versions), SIMATIC S7-PLCSIM Advanced (All versions < V2.0 SP1 UPD1), SIMATIC Teleservice Adapter IE Advanced (All versions), SIMATIC Teleservice Adapter IE Basic (All versions), SIMATIC Teleservice Adapter IE Standard (All versions), SIMATIC WinAC RTX 2010 (All versions), SIMATIC WinCC Runtime Advanced (All versions), SIMOCODE pro V EIP (All versions), SIMOCODE pro V PN (All versions), SINAMICS G130 V4.6 (Control Unit) (All versions), SINAMICS G130 V4.7 (Control Unit) (All versions), SINAMICS G130 V4.7 SP1 (Control Unit) (All versions), SINAMICS G130 V4.8 (Control Unit) (All versions < V4.8 HF6), SINAMICS G130 V5.1 (Control Unit) (All versions), SINAMICS G130 V5.1 SP1 (Control Unit) (All versions < V5.1 SP1 HF4), SINAMICS G150 V4.6 (Control Unit) (All versions), SINAMICS G150 V4.7 (Control Unit) (All versions), SINAMICS G150 V4.7 SP1 (Control Unit) (All versions), SINAMICS G150 V4.8 (Control Unit) (All versions < V4.8 HF6), SINAMICS G150 V5.1 (Control Unit) (All versions), SINAMICS G150 V5.1 SP1 (Control Unit) (All versions < V5.1 SP1 HF4), SINAMICS S120 V4.6 (Control Unit) (All versions), SINAMICS S120 V4.7 (Control Unit) (All versions), SINAMICS S120 V4.7 SP1 (Control Unit) (All versions), SINAMICS S120 V4.8 (Control Unit) (All versions < V4.8 HF6), SINAMICS S120 V5.1 (Control Unit) (All versions), SINAMICS S120 V5.1 SP1 (Control Unit) (All versions < V5.1 SP1 HF4), SINAMICS S150 V4.6 (Control Unit) (All versions), SINAMICS S150 V4.7 (Control Unit) (All versions), SINAMICS S150 V4.7 SP1 (Control Unit) (All versions), SINAMICS S150 V4.8 (Control Unit) (All versions < V4.8 HF6), SINAMICS S150 V5.1 (Control Unit) (All versions), SINAMICS S150 V5.1 SP1 (Control Unit) (All versions < V5.1 SP1 HF4), SINAMICS S210 V5.1 (Control Unit) (All versions), SINAMICS S210 V5.1 SP1 (Control Unit) (All versions), SITOP Manager (All versions), SITOP PSU8600 (All versions), SITOP UPS1600 (All versions), TIM 1531 IRC (All versions). The webserver of the affected devices contains a vulnerability that may lead to a denial-of-service condition. An attacker may cause a denial-of-service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.

 
2018-12-13
 
CVE-2018-13813

CWE-601
 

 
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V15 Update 4), SIMATIC WinCC Runtime Professional (All versions < V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions < V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The webserver of affected HMI devices may allow URL redirections to untrusted websites. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

 
 
CVE-2018-13812

CWE-22
 

 
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V15 Update 4), SIMATIC WinCC Runtime Professional (All versions < V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions < V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). A directory traversal vulnerability could allow to download arbitrary files from the device. The security vulnerability could be exploited by an attacker with network access to the integrated web server. No user interaction and no authentication is required to exploit the vulnerability. The vulnerability impacts the confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.

 

 >>> Vendor: Siemens 449 Products
Reliant unix
Hinet lp
3568i wap
M45
S45
S55
Santis 50
Speedstream wireless router
Gigaset se361 wlan router
Speedstream 6520
Speedstream 5200
Gigaset wlan camera
Gigaset c450 ip
Gigaset c475 ip
Gigaset se461 wimax router
Simatic pcs 7
Simatic wincc
Simatic wincc flexible runtime
Simatic wincc runtime
Tecnomatix factorylink
Simatic hmi panels
Wincc
Wincc flexible
Wincc flexible runtime
Wincc runtime advanced
Automation license manager
Scalance s firmware
Scalance s602
Scalance s612
Scalance s613
Scalance x-300 firmware
Scalance x-300eec firmware
Scalance x308-2m firmware
Scalance x414-3e firmware
Scalance xr-300 firmware
Scalance x-300
Scalance x-300eec
Scalance x308-2m
Scalance x414-3e
Scalance xr-300
Simatic pcs7
Simatic step 7
Simatic s7-400 cpu 412-2 pn
Simatic s7-400 cpu 414-3 pn/dp
Simatic s7-400 cpu 414f-3 pn/dp
Simatic s7-400 cpu 416-3 pn/dp
Simatic s7-400 cpu 416f-3 pn/dp
Simatic s7-400 cpu firmware
Synco ozw web server
Synco ozw web server firmware
Comos
Simatic s7-1200 plc
Sipass integrated
Processsuite
ROS
Rox i os
Rox ii os
Ruggedmax os
Simatic rf-manager
Simatic rf-manager 2008
Wincc tia portal
Scalance x204irt
Scalance x202-2irt
Scalance x202-2p irt
Scalance x201-3p irt
Scalance x200-4p irt
Scalance xf204irt
Scalance x200irt firmware
Openscape session border controller
Enterprise openscape branch
Scalance w744-1
Scalance w744-1pro
Scalance w746-1
Scalance w746-1pro
Scalance w747-1
Scalance w747-1rr
Scalance w784-1
Scalance w784-1rr
Scalance w786-1pro
Scalance w786-2pro
Scalance w786-2rr
Scalance w786-3pro
Scalance w788-1pro
Scalance w788-1rr
Scalance w788-2pro
Scalance w788-2rr
Scalance w700 series firmware
Scalance x-200
Scalance x-200rna
Scalance xf-200
Scalance x-200 series firmware
Sinamics g110
Sinamics g110d
Sinamics g120
Sinamics g120c
Sinamics g120d
Sinamics g120p
Sinamics g130
Sinamics g150
Sinamics g180
See all Products for Vendor Siemens


Copyright 2019, cxsecurity.com

 

Back to Top