{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"SIMATIC S7-410 versions ant\u00e9rieures \u00e0 V8.2.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC S7-1500 versions ant\u00e9rieures \u00e0 V2.6","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC HMI Comfort Outdoor Panels 7\" & 15\" versions ant\u00e9rieures \u00e0 V15 Update 4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC Runtime Advanced versions ant\u00e9rieures \u00e0 V15 Update 4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC Runtime Professional versions ant\u00e9rieures \u00e0 V15 Update 4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC STEP 7 (TIA Portal) versions ant\u00e9rieures \u00e0 V15.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC HMI Comfort Panels 4\" - 22\" versions ant\u00e9rieures \u00e0 V15 Update 4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC (TIA Portal) versions ant\u00e9rieures \u00e0 V15 Update 4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC IT Production Suite versions 7.1 ant\u00e9rieures \u00e0 V7.1 Upd3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE S602, S612, S623 et 627-2M versions ant\u00e9rieures \u00e0 V4.0.1.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 et KTP900F versions ant\u00e9rieures \u00e0 V15 Update 4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2018-13811","url":"https://www.cve.org/CVERecord?id=CVE-2018-13811"},{"name":"CVE-2018-16556","url":"https://www.cve.org/CVERecord?id=CVE-2018-16556"},{"name":"CVE-2018-13812","url":"https://www.cve.org/CVERecord?id=CVE-2018-13812"},{"name":"CVE-2018-13815","url":"https://www.cve.org/CVERecord?id=CVE-2018-13815"},{"name":"CVE-2018-13804","url":"https://www.cve.org/CVERecord?id=CVE-2018-13804"},{"name":"CVE-2018-13813","url":"https://www.cve.org/CVERecord?id=CVE-2018-13813"},{"name":"CVE-2018-16557","url":"https://www.cve.org/CVERecord?id=CVE-2018-16557"},{"name":"CVE-2018-16555","url":"https://www.cve.org/CVERecord?id=CVE-2018-16555"},{"name":"CVE-2018-13814","url":"https://www.cve.org/CVERecord?id=CVE-2018-13814"}],"links":[],"reference":"CERTFR-2018-AVI-543","revisions":[{"description":"Version initiale","revision_date":"2018-11-13T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens . Certaines d'entre elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service \u00e0 distance, un contournement de la politique de\ns\u00e9curit\u00e9 et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n","title":"SCADA Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-584286 du 13 novembre 2018","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-584286.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-886615 du 13 novembre 2018","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-886615.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-944083 du 13 novembre 2018","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-944083.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-242982 du 13 novembre 2018","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-242982.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-113131 du 13 novembre 2018","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-113131.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-621493 du 13 novembre 2018","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-621493.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-233109 du 13 novembre 2018","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf"}]}