{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"LOGO! 8 BM (incl. variantes SIPLUS) versions ant\u00e9rieures \u00e0 V1.82.04","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC S7-300 CPU (incl. variantes ET200CPUs et SIPLUS) versions ant\u00e9rieures \u00e0 V3.X.17","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC TDC CP51M1 versions ant\u00e9rieures \u00e0 V1.1.8","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SICAM T versions ant\u00e9rieures \u00e0 V2.18","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Opcenter Execution Process versions ant\u00e9rieures \u00e0 v3.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SICAM MMU versions ant\u00e9rieures \u00e0 V2.05","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Camstar Enterprise Platform : une migration vers Opcenter Execution Core 8.2 est requise","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC IT LMS, Production Suite, Notifier Server for Windows, PCS neo","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SICAM SGU","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"LOGO! 8 BM (incl. variantes SIPLUS) versions ant\u00e9rieures \u00e0 V1.82.03","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Opcenter RD&L versions ant\u00e9rieures \u00e0 8.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC Runtime Advanced","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SPPA-T3000 APC UPS avec carte NMC AP9630 ou AP9631","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC STEP 7 (TIA Portal) v16 versions ant\u00e9rieures \u00e0 V16 update 2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SPPA-T3000 Application Server et Terminal Server","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC TDC CPU555 versions ant\u00e9rieures \u00e0 V1.1.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Opcenter Execution Discrete versions ant\u00e9rieures \u00e0 v3.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Opcenter Execution Core versions ant\u00e9rieures \u00e0 v8.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC S7-200 SMART CPU versions ant\u00e9rieures \u00e0 V2.5.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Opcenter Quality versions ant\u00e9rieures \u00e0 11.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Opcenter Intelligence","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"LOGO! 8 BM (incl. variantes SIPLUS) versions ant\u00e9rieures \u00e0 V1.81.04","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC HMI Basic Panels premi\u00e8re et seconde g\u00e9n\u00e9ration, Comfort Panels, Mobile Panels de seconde g\u00e9n\u00e9ration (incl. variantes SIPLUS)","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC STEP 7 (TIA Portal) v15","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINUMERIK 840D sl versions ant\u00e9rieures \u00e0 V4.8.6","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC HMI KTP700F Mobile Arctic","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Opcenter Execution Foundation versions ant\u00e9rieures \u00e0 v3.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMOCODE ES et Soft Starter ES","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINUMERIK 840D sl versions ant\u00e9rieures \u00e0 V4.94","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2020-7584","url":"https://www.cve.org/CVERecord?id=CVE-2020-7584"},{"name":"CVE-2020-7577","url":"https://www.cve.org/CVERecord?id=CVE-2020-7577"},{"name":"CVE-2020-7587","url":"https://www.cve.org/CVERecord?id=CVE-2020-7587"},{"name":"CVE-2020-7576","url":"https://www.cve.org/CVERecord?id=CVE-2020-7576"},{"name":"CVE-2019-18336","url":"https://www.cve.org/CVERecord?id=CVE-2019-18336"},{"name":"CVE-2020-10042","url":"https://www.cve.org/CVERecord?id=CVE-2020-10042"},{"name":"CVE-2020-7592","url":"https://www.cve.org/CVERecord?id=CVE-2020-7592"},{"name":"CVE-2020-10043","url":"https://www.cve.org/CVERecord?id=CVE-2020-10043"},{"name":"CVE-2020-10045","url":"https://www.cve.org/CVERecord?id=CVE-2020-10045"},{"name":"CVE-2020-7578","url":"https://www.cve.org/CVERecord?id=CVE-2020-7578"},{"name":"CVE-2020-7588","url":"https://www.cve.org/CVERecord?id=CVE-2020-7588"},{"name":"CVE-2020-10044","url":"https://www.cve.org/CVERecord?id=CVE-2020-10044"},{"name":"CVE-2020-10041","url":"https://www.cve.org/CVERecord?id=CVE-2020-10041"},{"name":"CVE-2020-7581","url":"https://www.cve.org/CVERecord?id=CVE-2020-7581"},{"name":"CVE-2020-10039","url":"https://www.cve.org/CVERecord?id=CVE-2020-10039"},{"name":"CVE-2020-10038","url":"https://www.cve.org/CVERecord?id=CVE-2020-10038"},{"name":"CVE-2020-10040","url":"https://www.cve.org/CVERecord?id=CVE-2020-10040"},{"name":"CVE-2020-11896","url":"https://www.cve.org/CVERecord?id=CVE-2020-11896"},{"name":"CVE-2020-7593","url":"https://www.cve.org/CVERecord?id=CVE-2020-7593"},{"name":"CVE-2020-10037","url":"https://www.cve.org/CVERecord?id=CVE-2020-10037"},{"name":"CVE-2020-0545","url":"https://www.cve.org/CVERecord?id=CVE-2020-0545"}],"links":[],"reference":"CERTFR-2020-AVI-439","revisions":[{"description":"Version initiale","revision_date":"2020-07-15T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une \u00e9l\u00e9vation de privil\u00e8ges.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-589181 du 14 juillet 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-589181.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-631949 du 14 juillet 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-631949.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-573753 du 14 juillet 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-573753.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-604937 du 14 juillet 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-604937.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-508982 du 10 mars 2020, mis \u00e0 jour le 14 juillet 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-508982.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-841348 du 14 juillet 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-364335 du 14 juillet 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-364335.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-305120 du 14 juillet 2020","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-305120.pdf"}]}