{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<ul> <li>SICAM TOOLBOX II versions ant\u00e9rieures \u00e0 07.10</li> <li>P\u00e9riph\u00e9riques RUGGEDCOM ROS versions ant\u00e9rieures \u00e0 4.3.8</li> <li>Solid Edge SE2023 versions ant\u00e9rieures \u00e0 223.0 Update 7</li> <li>RUGGEDCOM CROSSBOW versions ant\u00e9rieures \u00e0 5.4</li> <li>Parasolid versions 34.1.x ant\u00e9rieures \u00e0 34.1.258</li> <li>Parasolid versions 35.0.x ant\u00e9rieures \u00e0 35.0.254</li> <li>Parasolid versions 35.1.x ant\u00e9rieures \u00e0 35.1.197</li> <li>Teamcenter Visualization versions 14.1.x, se r\u00e9f\u00e9rer \u00e0 l'avis \u00e9diteur pour plus d'information sur les mesures de contournement</li> <li>Teamcenter Visualization versions 14.2.x ant\u00e9rieures \u00e0 14.2.0.6</li> <li>Teamcenter Visualization versions 14.3.x, se r\u00e9f\u00e9rer \u00e0 l'avis \u00e9diteur pour plus d'information sur les mesures de contournement</li> <li>SIMATIC contr\u00f4leur de disque CPU 1504D versions ant\u00e9rieures \u00e0 3.0.3</li> <li>SIMATIC contr\u00f4leur de disque CPU 1507D versions ant\u00e9rieures \u00e0 3.0.3</li> <li>SIMATIC ET toutes versions</li> <li>SIMATIC IPC toutes versions</li> <li>SIMATIC S7 versions ant\u00e9rieures \u00e0 3.0.3</li> <li>SIPLUS ET versions ant\u00e9rieures \u00e0 3.3.19</li> <li>SIPLUS S7 versions ant\u00e9rieures \u00e0 3.0.3</li> <li>Siemens Software Center versions ant\u00e9rieures \u00e0 3.0</li> <li>APOGEE PXC Compact versions ant\u00e9rieures \u00e0 3.5.5</li> <li>APOGEE PXC Compact (P2 Ethernet) versions ant\u00e9rieures \u00e0 2.8.20</li> <li>APOGEE PXC Modular (BACnet) versions ant\u00e9rieures \u00e0 3.5.5</li> <li>APOGEE PXC Modular (P2 Ethernet) versions ant\u00e9rieures \u00e0 2.8.20</li> <li>TALON TC Compact versions ant\u00e9rieures \u00e0 3.5.5</li> <li>TALON TC Modular (BACnet) versions ant\u00e9rieures \u00e0 3.5.5</li> <li>JT2Go versions ant\u00e9rieures \u00e0 14.2.0.5</li> <li>Solid Edge SE2022 versions ant\u00e9rieures \u00e0 222.0 Update 13</li> <li>Solid Edge SE2023 versions ant\u00e9rieures \u00e0 223.0 Update 4</li> <li>Teamcenter Visualization versions 13.2.x ant\u00e9rieures \u00e0 13.2.0.15</li> <li>Teamcenter Visualization versions 13.3.x ant\u00e9rieures \u00e0 13.3.0.11</li> <li>Teamcenter Visualization versions 14.1.x ant\u00e9rieures \u00e0 14.1.0.11</li> <li>Teamcenter Visualization versions 14.2.x ant\u00e9rieures \u00e0 14.2.0.5</li> <li>Parasolid versions 35.0.x sans la proc\u00e9dure de r\u00e9installation</li> <li>Parasolid versions 35.1.x sans la proc\u00e9dure de r\u00e9installation</li> <li>JT Open versions ant\u00e9rieures \u00e0 11.4</li> <li>JT Utilities versions ant\u00e9rieures \u00e0 13.4</li> <li>Parasolid versions 34.0.x ant\u00e9rieures \u00e0 34.0.253</li> <li>Parasolid versions 34.1.x ant\u00e9rieures \u00e0 34.1.243</li> <li>Parasolid versions 35.0.x ant\u00e9rieures \u00e0 35.0.177</li> <li>Parasolid versions 35.1.x ant\u00e9rieures \u00e0 35.1.073</li> </ul> <p>L'\u00e9diteur ne propose pas de correctif pour certains produits RUGGEDCOM ROS, SIMATIC ou SIPLUS, se r\u00e9f\u00e9rer aux avis pour obtenir plus d'informations sur les mesures de contournement.</p> ","content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2020-27009","url":"https://www.cve.org/CVERecord?id=CVE-2020-27009"},{"name":"CVE-2022-37971","url":"https://www.cve.org/CVERecord?id=CVE-2022-37971"},{"name":"CVE-2023-27411","url":"https://www.cve.org/CVERecord?id=CVE-2023-27411"},{"name":"CVE-2020-28388","url":"https://www.cve.org/CVERecord?id=CVE-2020-28388"},{"name":"CVE-2023-24845","url":"https://www.cve.org/CVERecord?id=CVE-2023-24845"},{"name":"CVE-2023-39419","url":"https://www.cve.org/CVERecord?id=CVE-2023-39419"},{"name":"CVE-2023-39183","url":"https://www.cve.org/CVERecord?id=CVE-2023-39183"},{"name":"CVE-2022-4304","url":"https://www.cve.org/CVERecord?id=CVE-2022-4304"},{"name":"CVE-2020-27736","url":"https://www.cve.org/CVERecord?id=CVE-2020-27736"},{"name":"CVE-2023-39269","url":"https://www.cve.org/CVERecord?id=CVE-2023-39269"},{"name":"CVE-2023-0286","url":"https://www.cve.org/CVERecord?id=CVE-2023-0286"},{"name":"CVE-2023-38526","url":"https://www.cve.org/CVERecord?id=CVE-2023-38526"},{"name":"CVE-2023-38641","url":"https://www.cve.org/CVERecord?id=CVE-2023-38641"},{"name":"CVE-2023-39187","url":"https://www.cve.org/CVERecord?id=CVE-2023-39187"},{"name":"CVE-2023-39188","url":"https://www.cve.org/CVERecord?id=CVE-2023-39188"},{"name":"CVE-2020-15795","url":"https://www.cve.org/CVERecord?id=CVE-2020-15795"},{"name":"CVE-2023-39185","url":"https://www.cve.org/CVERecord?id=CVE-2023-39185"},{"name":"CVE-2022-39062","url":"https://www.cve.org/CVERecord?id=CVE-2022-39062"},{"name":"CVE-2023-28830","url":"https://www.cve.org/CVERecord?id=CVE-2023-28830"},{"name":"CVE-2023-38531","url":"https://www.cve.org/CVERecord?id=CVE-2023-38531"},{"name":"CVE-2023-38524","url":"https://www.cve.org/CVERecord?id=CVE-2023-38524"},{"name":"CVE-2023-39186","url":"https://www.cve.org/CVERecord?id=CVE-2023-39186"},{"name":"CVE-2023-37372","url":"https://www.cve.org/CVERecord?id=CVE-2023-37372"},{"name":"CVE-2021-41544","url":"https://www.cve.org/CVERecord?id=CVE-2021-41544"},{"name":"CVE-2022-25634","url":"https://www.cve.org/CVERecord?id=CVE-2022-25634"},{"name":"CVE-2023-39182","url":"https://www.cve.org/CVERecord?id=CVE-2023-39182"},{"name":"CVE-2021-31239","url":"https://www.cve.org/CVERecord?id=CVE-2021-31239"},{"name":"CVE-2023-37373","url":"https://www.cve.org/CVERecord?id=CVE-2023-37373"},{"name":"CVE-2023-39184","url":"https://www.cve.org/CVERecord?id=CVE-2023-39184"},{"name":"CVE-2023-38525","url":"https://www.cve.org/CVERecord?id=CVE-2023-38525"},{"name":"CVE-2020-27738","url":"https://www.cve.org/CVERecord?id=CVE-2020-27738"},{"name":"CVE-2023-30795","url":"https://www.cve.org/CVERecord?id=CVE-2023-30795"},{"name":"CVE-2023-38530","url":"https://www.cve.org/CVERecord?id=CVE-2023-38530"},{"name":"CVE-2023-38527","url":"https://www.cve.org/CVERecord?id=CVE-2023-38527"},{"name":"CVE-2022-45937","url":"https://www.cve.org/CVERecord?id=CVE-2022-45937"},{"name":"CVE-2023-37378","url":"https://www.cve.org/CVERecord?id=CVE-2023-37378"},{"name":"CVE-2023-38528","url":"https://www.cve.org/CVERecord?id=CVE-2023-38528"},{"name":"CVE-2023-39181","url":"https://www.cve.org/CVERecord?id=CVE-2023-39181"},{"name":"CVE-2023-4304","url":"https://www.cve.org/CVERecord?id=CVE-2023-4304"},{"name":"CVE-2023-38682","url":"https://www.cve.org/CVERecord?id=CVE-2023-38682"},{"name":"CVE-2023-38532","url":"https://www.cve.org/CVERecord?id=CVE-2023-38532"},{"name":"CVE-2023-30796","url":"https://www.cve.org/CVERecord?id=CVE-2023-30796"},{"name":"CVE-2023-38529","url":"https://www.cve.org/CVERecord?id=CVE-2023-38529"},{"name":"CVE-2023-38683","url":"https://www.cve.org/CVERecord?id=CVE-2023-38683"},{"name":"CVE-2020-27737","url":"https://www.cve.org/CVERecord?id=CVE-2020-27737"},{"name":"CVE-2021-25677","url":"https://www.cve.org/CVERecord?id=CVE-2021-25677"}],"links":[],"reference":"CERTFR-2023-AVI-0633","revisions":[{"description":"Version initiale","revision_date":"2023-08-08T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d'entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-472630 du 8 ao\u00fbt 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-472630.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-264815 du 8 ao\u00fbt 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-264815.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-770902 du 8 ao\u00fbt 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-770902.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-975961 du 8 ao\u00fbt 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-975961.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-908185 du 8 ao\u00fbt 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-908185.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-131450 du 8 ao\u00fbt 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-131450.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-407785 du 8 ao\u00fbt 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-407785.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-180579 du 8 ao\u00fbt 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-180579.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-811403 du 8 ao\u00fbt 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-811403.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-264814 du 8 ao\u00fbt 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-264814.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-116172 du 8 ao\u00fbt 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-116172.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-188491 du 8 ao\u00fbt 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-188491.html"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens ssa-001569 du 8 ao\u00fbt 2023","url":"https://cert-portal.siemens.com/productcert/html/ssa-001569.html"}]}