{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"SIMATIC PDM","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC OA V3.17 versions ant\u00e9rieures \u00e0 V3.17-P003","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINUMERIK PCU base Win7 software /IPC versions ant\u00e9rieures \u00e0 V12.01 HF4","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC NET PC versions ant\u00e9rieures \u00e0 V16 Upd3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC OA V3.16 versions ant\u00e9rieures \u00e0 V3.16-P018","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINEC NMS sans le dernier correctif de s\u00e9curit\u00e9","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC PCS 7","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"LOGO!8 BM","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC S7-1500","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINUMERIK Operate","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINEMA Server sans le dernier correctif de s\u00e9curit\u00e9","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC Runtime Advanced","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC Automation Tool","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINUMERIK ONE virtual","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC ProSave","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC V7.5 versions ant\u00e9rieures \u00e0 V7.5 SP1 Update 3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINAMICS STARTER commissioning tool","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC Runtime Professional V13, V14, V15 et V16","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC STEP 7 (TIA Portal) V13, V14, V15 et V16","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC PCS neo","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINAMICS Startdrive","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINAMICS STARTER versions ant\u00e9rieures \u00e0 V5.4 HF1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC V7.4 versions ant\u00e9rieures \u00e0 V7.4 SP1 Update 14","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC STEP 7 versions ant\u00e9rieures \u00e0 V5.6 SP2 HF3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINUMERIK Access MyMachine /P2P versions ant\u00e9rieures \u00e0 V4.8","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINUMERIK PCU base Win10 software /IPC versions ant\u00e9rieures \u00e0 V14.00","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2020-7589","url":"https://www.cve.org/CVERecord?id=CVE-2020-7589"},{"name":"CVE-2018-15361","url":"https://www.cve.org/CVERecord?id=CVE-2018-15361"},{"name":"CVE-2019-8262","url":"https://www.cve.org/CVERecord?id=CVE-2019-8262"},{"name":"CVE-2019-8277","url":"https://www.cve.org/CVERecord?id=CVE-2019-8277"},{"name":"CVE-2019-8265","url":"https://www.cve.org/CVERecord?id=CVE-2019-8265"},{"name":"CVE-2019-8269","url":"https://www.cve.org/CVERecord?id=CVE-2019-8269"},{"name":"CVE-2019-8260","url":"https://www.cve.org/CVERecord?id=CVE-2019-8260"},{"name":"CVE-2019-8263","url":"https://www.cve.org/CVERecord?id=CVE-2019-8263"},{"name":"CVE-2019-8261","url":"https://www.cve.org/CVERecord?id=CVE-2019-8261"},{"name":"CVE-2019-8276","url":"https://www.cve.org/CVERecord?id=CVE-2019-8276"},{"name":"CVE-2019-8259","url":"https://www.cve.org/CVERecord?id=CVE-2019-8259"},{"name":"CVE-2019-8271","url":"https://www.cve.org/CVERecord?id=CVE-2019-8271"},{"name":"CVE-2020-7586","url":"https://www.cve.org/CVERecord?id=CVE-2020-7586"},{"name":"CVE-2019-8267","url":"https://www.cve.org/CVERecord?id=CVE-2019-8267"},{"name":"CVE-2020-7580","url":"https://www.cve.org/CVERecord?id=CVE-2020-7580"},{"name":"CVE-2019-8280","url":"https://www.cve.org/CVERecord?id=CVE-2019-8280"},{"name":"CVE-2019-8275","url":"https://www.cve.org/CVERecord?id=CVE-2019-8275"},{"name":"CVE-2019-8274","url":"https://www.cve.org/CVERecord?id=CVE-2019-8274"},{"name":"CVE-2019-8266","url":"https://www.cve.org/CVERecord?id=CVE-2019-8266"},{"name":"CVE-2019-8270","url":"https://www.cve.org/CVERecord?id=CVE-2019-8270"},{"name":"CVE-2019-8258","url":"https://www.cve.org/CVERecord?id=CVE-2019-8258"},{"name":"CVE-2019-8264","url":"https://www.cve.org/CVERecord?id=CVE-2019-8264"},{"name":"CVE-2020-7585","url":"https://www.cve.org/CVERecord?id=CVE-2020-7585"},{"name":"CVE-2019-8272","url":"https://www.cve.org/CVERecord?id=CVE-2019-8272"},{"name":"CVE-2019-8268","url":"https://www.cve.org/CVERecord?id=CVE-2019-8268"},{"name":"CVE-2019-8273","url":"https://www.cve.org/CVERecord?id=CVE-2019-8273"}],"links":[],"reference":"CERTFR-2020-AVI-349","revisions":[{"description":"Version initiale","revision_date":"2020-06-09T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"D\u00e9ni de service"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service et un\ncontournement de la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-817401 du 09 juin 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-817401.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-312271 du 09 juin 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-689942 du 09 juin 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-689942.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-927095 du 09 juin 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"}]}