{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"TIA Portal versions 15, 15.1 et 16","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SENTRON PAC3200T versions ant\u00e9rieures \u00e0 3.0.5","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Teamcenter Visualization versions ant\u00e9rieures \u00e0 13.1.0.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINEMA Server versions ant\u00e9rieures \u00e0 14.0 SP2 Update 2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Ruggedcom ROX MX5000, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512 et RX5000 versions ant\u00e9rieures \u00e0 2.14.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"PCS neo v3.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Nucleus NET versions ant\u00e9rieures \u00e0 5.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SINEC NMS versions ant\u00e9rieures \u00e0 1.0 SP1 Update 1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SENTRON 3VA COM100/800 versions ant\u00e9rieures \u00e0 4.2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC PCS 7","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SENTRON PAC3200 versions ant\u00e9rieures \u00e0 2.4.5","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"DIGSI 4 versions ant\u00e9rieures \u00e0 4.94 SP1 HF 1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SENTRON 3VA DSP800 versions ant\u00e9rieures \u00e0 2.0","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SENTRON PAC2200 versions ant\u00e9rieures \u00e0 3.0.5","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMARIS configuration","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIRIUS 3RW5 module de communication Modbus TCP","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Nucleus ReadyStart pour ARM, MIPS et PPC versions ant\u00e9rieures \u00e0 2012.12","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SCALANCE W780 and W740 versions ant\u00e9rieures \u00e0 6.3","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SIMATIC WinCC versions ant\u00e9rieures \u00e0 7.5 SP2","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"SENTRON PAC4200 versions ant\u00e9rieures \u00e0 2.0.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"JT2Go versions ant\u00e9rieures \u00e0 13.1.0.1","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2020-28388","url":"https://www.cve.org/CVERecord?id=CVE-2020-28388"},{"name":"CVE-2021-25174","url":"https://www.cve.org/CVERecord?id=CVE-2021-25174"},{"name":"CVE-2020-27006","url":"https://www.cve.org/CVERecord?id=CVE-2020-27006"},{"name":"CVE-2020-13988","url":"https://www.cve.org/CVERecord?id=CVE-2020-13988"},{"name":"CVE-2020-26989","url":"https://www.cve.org/CVERecord?id=CVE-2020-26989"},{"name":"CVE-2020-25238","url":"https://www.cve.org/CVERecord?id=CVE-2020-25238"},{"name":"CVE-2018-18508","url":"https://www.cve.org/CVERecord?id=CVE-2018-18508"},{"name":"CVE-2020-10048","url":"https://www.cve.org/CVERecord?id=CVE-2020-10048"},{"name":"CVE-2020-27001","url":"https://www.cve.org/CVERecord?id=CVE-2020-27001"},{"name":"CVE-2020-27004","url":"https://www.cve.org/CVERecord?id=CVE-2020-27004"},{"name":"CVE-2020-27008","url":"https://www.cve.org/CVERecord?id=CVE-2020-27008"},{"name":"CVE-2020-25245","url":"https://www.cve.org/CVERecord?id=CVE-2020-25245"},{"name":"CVE-2019-17007","url":"https://www.cve.org/CVERecord?id=CVE-2019-17007"},{"name":"CVE-2020-28394","url":"https://www.cve.org/CVERecord?id=CVE-2020-28394"},{"name":"CVE-2020-25237","url":"https://www.cve.org/CVERecord?id=CVE-2020-25237"},{"name":"CVE-2020-26999","url":"https://www.cve.org/CVERecord?id=CVE-2020-26999"},{"name":"CVE-2020-26991","url":"https://www.cve.org/CVERecord?id=CVE-2020-26991"},{"name":"CVE-2020-26998","url":"https://www.cve.org/CVERecord?id=CVE-2020-26998"},{"name":"CVE-2020-27005","url":"https://www.cve.org/CVERecord?id=CVE-2020-27005"},{"name":"CVE-2019-17006","url":"https://www.cve.org/CVERecord?id=CVE-2019-17006"},{"name":"CVE-2021-25177","url":"https://www.cve.org/CVERecord?id=CVE-2021-25177"},{"name":"CVE-2021-25175","url":"https://www.cve.org/CVERecord?id=CVE-2021-25175"},{"name":"CVE-2020-27003","url":"https://www.cve.org/CVERecord?id=CVE-2020-27003"},{"name":"CVE-2020-27000","url":"https://www.cve.org/CVERecord?id=CVE-2020-27000"},{"name":"CVE-2018-12404","url":"https://www.cve.org/CVERecord?id=CVE-2018-12404"},{"name":"CVE-2021-25666","url":"https://www.cve.org/CVERecord?id=CVE-2021-25666"},{"name":"CVE-2019-11745","url":"https://www.cve.org/CVERecord?id=CVE-2019-11745"},{"name":"CVE-2020-26990","url":"https://www.cve.org/CVERecord?id=CVE-2020-26990"},{"name":"CVE-2020-28392","url":"https://www.cve.org/CVERecord?id=CVE-2020-28392"},{"name":"CVE-2021-25176","url":"https://www.cve.org/CVERecord?id=CVE-2021-25176"},{"name":"CVE-2020-27007","url":"https://www.cve.org/CVERecord?id=CVE-2020-27007"},{"name":"CVE-2021-25178","url":"https://www.cve.org/CVERecord?id=CVE-2021-25178"},{"name":"CVE-2020-27002","url":"https://www.cve.org/CVERecord?id=CVE-2020-27002"},{"name":"CVE-2021-25173","url":"https://www.cve.org/CVERecord?id=CVE-2021-25173"},{"name":"CVE-2020-1763","url":"https://www.cve.org/CVERecord?id=CVE-2020-1763"}],"links":[],"reference":"CERTFR-2021-AVI-094","revisions":[{"description":"Version initiale","revision_date":"2021-02-09T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-663999 du 9 f\u00e9vrier 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-663999.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-541017 du 9 f\u00e9vrier 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-541017.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-944678 du 9 f\u00e9vrier 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-156833 du 9 f\u00e9vrier 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-156833.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-536315 du 9 f\u00e9vrier 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-536315.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-362164 du 9 f\u00e9vrier 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-379803 du 9 f\u00e9vrier 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-428051 du 9 f\u00e9vrier 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-428051.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-794542 du 9 f\u00e9vrier 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-794542.pdf"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-686152 du 9 f\u00e9vrier 2021","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-686152.pdf"}]}