{"containers": {"cna": {"providerMetadata": {"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens", "dateUpdated": "2025-03-11T09:47:30.522Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus Source Code (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value."}], "affected": [{"vendor": "Siemens", "product": "Capital Embedded AR Classic 431-422", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "Capital Embedded AR Classic R20-11", "versions": [{"status": "affected", "version": "0", "lessThan": "V2303", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "Nucleus NET", "versions": [{"status": "affected", "version": "All versions"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "Nucleus ReadyStart V3", "versions": [{"status": "affected", "version": "0", "lessThan": "V2017.02.3", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Siemens", "product": "Nucleus Source Code", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C", "baseScore": 7.1, "baseSeverity": "HIGH"}}, {"cvssV4_0": {"version": "4.0", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N", "baseScore": 7.1, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "type": "CWE"}]}], "references": [{"tags": ["x_refsource_MISC"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06"}, {"url": "https://cert-portal.siemens.com/productcert/html/ssa-434032.html"}, {"url": "https://cert-portal.siemens.com/productcert/html/ssa-162506.html"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T00:05:43.738Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06"}, {"url": "https://cert-portal.siemens.com/productcert/html/ssa-434032.html", "tags": ["x_transferred"]}, {"url": "https://cert-portal.siemens.com/productcert/html/ssa-162506.html", "tags": ["x_transferred"]}]}]}, "cveMetadata": {"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2019-13939", "datePublished": "2020-01-16T15:35:24", "dateReserved": "2019-07-18T00:00:00", "dateUpdated": "2025-03-11T09:47:30.522Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:siemens:capital_vstar:*:*:*:*:*:*:*:*", "matchCriteriaId": "3EC45D63-0FB7-4995-AF45-B41F6EF6A9E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:nucleus_net:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A987CFB-4A41-4F82-8C7F-31DE8F0650DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:nucleus_readystart:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE16530A-D354-43A0-A2C7-DB312646C69C", "versionEndExcluding": "2017.02.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:nucleus_safetycert:*:*:*:*:*:*:*:*", "matchCriteriaId": "7ED0DBA9-FFB1-407C-8429-BCD24DCB33FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:nucleus_source_code:*:*:*:*:*:*:*:*", "matchCriteriaId": "07DAF9C3-B56A-4F40-B90B-D0DE96869A44", "vulnerable": true}, {"criteria": "cpe:2.3:o:siemens:nucleus_rtos:*:*:*:*:*:*:*:*", "matchCriteriaId": "485540AD-9966-49B0-AC24-BEFE81C4D4E3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:apogee_modular_equiment_controller_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F8240E52-8D3B-40AF-944F-5AD993279B07", "versionEndExcluding": "2.8.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:apogee_modular_equiment_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "7945BF7D-AB3A-4285-9C58-D56149ADFC15", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:apogee_modular_building_controller_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "217F3116-5F09-4D60-BD65-8960401434AF", "versionEndExcluding": "2.8.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:apogee_modular_building_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5F978E7-3DD9-4948-BFFB-E7273003477B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:apogee_pxc_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1206DD28-16D8-4F71-BABA-FDCE3CD9A91D", "versionEndIncluding": "2.8.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:apogee_pxc:-:*:*:*:*:*:*:*", "matchCriteriaId": "B73DAA70-4CFB-4E63-ADC7-EC8A93E0BBBB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:desigo_pxc_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "741E43A3-43D1-4ECF-915A-92E035FF8903", "versionStartIncluding": "2.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:desigo_pxc:-:*:*:*:*:*:*:*", "matchCriteriaId": "D8ED54EF-1BAB-465B-A4D1-E779F63CF4F0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:desigo_pxm20_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "669CAA1B-9E47-4331-8E1F-92D562F3CFF2", "versionStartIncluding": "2.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:desigo_pxm20:-:*:*:*:*:*:*:*", "matchCriteriaId": "408DD298-FAC6-45E6-BF04-832C16B13927", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:simotics_connect_400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E01F98E1-441B-48CC-90FC-E9391D65844E", "versionEndIncluding": "0.3.0.95", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:simotics_connect_400:-:*:*:*:*:*:*:*", "matchCriteriaId": "48BFF9EF-D1C1-4107-8D1E-51315C03FFF0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:talon_tc_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7EC32195-D888-4A8B-AC77-D0C98A83E88A", "versionStartIncluding": "3.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:talon_tc:-:*:*:*:*:*:*:*", "matchCriteriaId": "F30FF737-174E-4760-A454-1DD174B4C966", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:desigo_pxc00-e.d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC441789-6954-48E7-9A42-1A2993C93066", "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:desigo_pxc00-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1727849-2FD8-40A2-91D3-E0C9662B45BC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:desigo_pxc00-u_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E396F519-8055-486E-A2DB-F9E6DD5B1E2D", "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:desigo_pxc00-u:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD39D011-8AE2-46FE-9207-C110E2FBC07C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:desigo_pxc001-e.d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8ACD8296-AC32-42CE-8B8D-A3F6FFD7A869", "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:desigo_pxc001-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "DCC50C13-FA05-4459-BA1E-482D886B842B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:desigo_pxc12-e.d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F6B65BC2-7D65-4216-8B3A-773825297CFE", "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:desigo_pxc12-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDA404C0-FD6D-47CC-950C-E5DCC993C8E6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:desigo_pxc22-e.d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C4CDD0E-FAB0-4F44-96AB-9ADDEFB456EC", "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:desigo_pxc22-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A4D84CE-07AB-4305-9C48-54392772D4EB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:desigo_pxc22.1-e.d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5B66D45-3F60-469D-ADF6-ECB02567970C", "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:desigo_pxc22.1-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E67F374-BF75-4334-A6D5-AB570E0A70D8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:desigo_pxc36.1-e.d_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1C11C33-5757-44C5-9CC2-4BC3F287DD75", "versionEndExcluding": "6.00.327", "versionStartIncluding": "2.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:desigo_pxc36.1-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "1CA7EF94-2EE2-4B53-A544-F675306DF84F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:desigopxc50-e.d_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "93AC0E5C-5A08-43E4-88E5-7681755126F0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:desigopxc50-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F2D5B24-63B5-41C8-B20B-98699C4979F9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:desigopxc64-u_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "BCB6399E-E7BD-4469-8166-B03B74E421BE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:desigopxc64-u:-:*:*:*:*:*:*:*", "matchCriteriaId": "980885C3-B98A-4AC9-AB86-A8BBFF23F37D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:desigopxc100-e.d_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F9118355-1BBC-43C7-9923-0F8FAEA70D40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:desigopxc100-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "93E5FEC8-EAE9-4235-91EE-FE68CCE19C43", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:desigopxc128-u_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD7B8DC6-A346-4D4B-B6F6-9831E7D1F999", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:desigopxc128-u:-:*:*:*:*:*:*:*", "matchCriteriaId": "BF17316C-DDD6-42F9-A147-6729632D9902", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:desigopxc200-e.d_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED820905-73EA-41F8-A2C5-17CD6BCF1707", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:desigopxc200-e.d:-:*:*:*:*:*:*:*", "matchCriteriaId": "E05F84E0-808C-4C40-9D50-9BE0117B791E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:siemens:desigopxm20-e_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2EFE56A4-408F-4807-A76D-B54AD9C85C28", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:siemens:desigopxm20-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "162C32E8-05CD-40A2-AB56-17CE4D85842F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in Capital Embedded AR Classic 431-422 (All versions), Capital Embedded AR Classic R20-11 (All versions < V2303), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus Source Code (All versions). By sending specially crafted DHCP packets to a device where the DHCP client is enabled, an attacker could change the IP address of the device to an invalid value."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en APOGEE MEC/MBC/PXC (P2) (Todas las versiones anteriores a V2.8.2), APOGEE PXC Series (BACnet) (Todas las versiones anteriores a V3.5.3), APOGEE PXC Series (P2) (Todas las versiones posteriores o iguales a V2. 8.2 y anteriores a V2.8.19), Desigo PXC00-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC00-U (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC001-E. D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC100-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC12-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00. 327), Desigo PXC128-U (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC200-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC22-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00. 327), Desigo PXC22.1-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC36.1-E.D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC50-E. D (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXC64-U (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00.327), Desigo PXM20-E (Todas las versiones posteriores o iguales a V2.3x y anteriores a V6.00. 327), Nucleus NET (Todas las versiones), Nucleus RTOS (Todas las versiones), Nucleus ReadyStart para ARM, MIPS y PPC (Todas las versiones anteriores a V2017.02.2 con parche \"Nucleus 2017.02. 02 Nucleus NET Patch\"), Nucleus SafetyCert (Todas las versiones), Nucleus Source Code (Todas las versiones), SIMOTICS CONNECT 400 (Todas las versiones anteriores a V0.3.0.330), TALON TC Series (BACnet) (Todas las versiones anteriores a V3.5.3), VSTAR (Todas las versiones). Al enviar paquetes DHCP especialmente dise\u00f1ados a un dispositivo donde el cliente DHCP est\u00e1 habilitado, un atacante podr\u00eda cambiar la direcci\u00f3n IP del dispositivo a un valor no v\u00e1lido. La vulnerabilidad podr\u00eda afectar a la disponibilidad e integridad del dispositivo. Se requiere acceso a la red adyacente, pero no se necesita autenticaci\u00f3n ni interacci\u00f3n del usuario para realizar un ataque"}], "id": "CVE-2019-13939", "lastModified": "2025-03-11T10:15:11.460", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "productcert@siemens.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "productcert@siemens.com", "type": "Secondary"}]}, "published": "2020-01-16T16:15:16.277", "references": [{"source": "productcert@siemens.com", "url": "https://cert-portal.siemens.com/productcert/html/ssa-162506.html"}, {"source": "productcert@siemens.com", "url": "https://cert-portal.siemens.com/productcert/html/ssa-434032.html"}, {"source": "productcert@siemens.com", "tags": ["Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf"}, {"source": "productcert@siemens.com", "tags": ["Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf"}, {"source": "productcert@siemens.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://cert-portal.siemens.com/productcert/html/ssa-162506.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://cert-portal.siemens.com/productcert/html/ssa-434032.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-162506.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-434032.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "productcert@siemens.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{}