Detections
Analytics

Siemens SIMATIC PCS7 < V9.1 and TIA Portal < 15.2 Unrestricted Upload of File with Dangerous Type (ICSA-19-192-02)

high Nessus Network Monitor Plugin ID 720309

Synopsis

A remotely exploitable Unrestricted Upload of File with Dangerous Type vulnerability has been identified in SIMATIC PCS7 v8 through v9.0, SIMATIC WinCC (TIA Portal) v14 through v15.1.

Description

The SIMATIC WinCC DataMonitor web application of the affected products allows an authenticated user with network access to the WinCC DataMonitor application to upload arbitrary ASPX code. Successful exploitation requires no user interaction and may impact the confidentiality, integrity, and availability of the affected device. The vulnerability is relevant only in situations where an attacker has access via the web interface but not to the directory structure.

Solution

Perform vendor recommended mitigations and apply available vendor upgrades.

See Also

https://www.us-cert.gov/ics/advisories/icsa-19-192-02

Plugin Details

Severity: High

ID: 720309

Family: SCADA

Published: 10/28/2019

Updated: 10/28/2019

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.2

Temporal Score: 6.3

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Patch Publication Date: 10/10/2019

Vulnerability Publication Date: 7/11/2019

Reference Information

CVE: CVE-2019-10935