cvelistv5 - cve-2019-0708

CVE-2019-0708 (GCVE-0-2019-0708)

Vulnerability from cvelistv5

Published

2019-05-16 18:17

Modified

2025-10-21 23:45

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

Remote Code Execution

Summary

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

References

URL

Tags

	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708	x_refsource_MISC
	https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf	x_refsource_CONFIRM
	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en	x_refsource_CONFIRM
	http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en	x_refsource_CONFIRM
	http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html	x_refsource_MISC
	http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html	x_refsource_MISC
	http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html	x_refsource_MISC
	http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html	x_refsource_MISC
	http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html	x_refsource_MISC

Impacted products

Vendor

Product

Version

Microsoft

Windows

Version: 7 for 32-bit Systems Service Pack 1
Version: 7 for x64-based Systems Service Pack 1

Microsoft

Windows Server

Version: 2008 R2 for x64-based Systems Service Pack 1 (Core installation)
Version: 2008 R2 for Itanium-Based Systems Service Pack 1
Version: 2008 R2 for x64-based Systems Service Pack 1
Version: 2008 for 32-bit Systems Service Pack 2 (Core installation)
Version: 2008 for Itanium-Based Systems Service Pack 2
Version: 2008 for 32-bit Systems Service Pack 2
Version: 2008 for x64-based Systems Service Pack 2
Version: 2008 for x64-based Systems Service Pack 2 (Core installation)

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2021-11-03

Due date: 2022-05-03

Required action: Apply updates per vendor instructions.

Used in ransomware: Known

Notes: https://nvd.nist.gov/vuln/detail/CVE-2019-0708

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:51:27.186Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2019-0708",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-07T16:17:22.676231Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0708"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:45:37.137Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0708"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00.000Z",
            "value": "CVE-2019-0708 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Windows",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "7 for 32-bit Systems Service Pack 1"
            },
            {
              "status": "affected",
              "version": "7 for x64-based Systems Service Pack 1"
            }
          ]
        },
        {
          "product": "Windows Server",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
            },
            {
              "status": "affected",
              "version": "2008 R2 for Itanium-Based Systems Service Pack 1"
            },
            {
              "status": "affected",
              "version": "2008 R2 for x64-based Systems Service Pack 1"
            },
            {
              "status": "affected",
              "version": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
            },
            {
              "status": "affected",
              "version": "2008 for Itanium-Based Systems Service Pack 2"
            },
            {
              "status": "affected",
              "version": "2008 for 32-bit Systems Service Pack 2"
            },
            {
              "status": "affected",
              "version": "2008 for x64-based Systems Service Pack 2"
            },
            {
              "status": "affected",
              "version": "2008 for x64-based Systems Service Pack 2 (Core installation)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-03T17:06:16.000Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2019-0708",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7 for 32-bit Systems Service Pack 1"
                          },
                          {
                            "version_value": "7 for x64-based Systems Service Pack 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Windows Server",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
                          },
                          {
                            "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1"
                          },
                          {
                            "version_value": "2008 R2 for x64-based Systems Service Pack 1"
                          },
                          {
                            "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
                          },
                          {
                            "version_value": "2008 for Itanium-Based Systems Service Pack 2"
                          },
                          {
                            "version_value": "2008 for 32-bit Systems Service Pack 2"
                          },
                          {
                            "version_value": "2008 for x64-based Systems Service Pack 2"
                          },
                          {
                            "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Microsoft"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote Code Execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708",
              "refsource": "MISC",
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
            },
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en"
            },
            {
              "name": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en"
            },
            {
              "name": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2019-0708",
    "datePublished": "2019-05-16T18:17:00.000Z",
    "dateReserved": "2018-11-26T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:45:37.137Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2019-0708",
      "cwes": "[\"CWE-416\"]",
      "dateAdded": "2021-11-03",
      "dueDate": "2022-05-03",
      "knownRansomwareCampaignUse": "Known",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2019-0708",
      "product": "Remote Desktop Services",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Microsoft Remote Desktop Services, formerly known as Terminal Service, contains an unspecified vulnerability that allows an unauthenticated attacker to connect to the target system using RDP and send specially crafted requests. Successful exploitation allows for remote code execution. The vulnerability is also known under the moniker of BlueKeep.",
      "vendorProject": "Microsoft",
      "vulnerabilityName": "Microsoft Remote Desktop Services Remote Code Execution Vulnerability"
    },
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T17:51:27.186Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-0708\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-07T16:17:22.676231Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-11-03\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0708\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2021-11-03T00:00:00.000Z\", \"value\": \"CVE-2019-0708 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0708\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-07T16:17:23.064Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Windows\", \"versions\": [{\"status\": \"affected\", \"version\": \"7 for 32-bit Systems Service Pack 1\"}, {\"status\": \"affected\", \"version\": \"7 for x64-based Systems Service Pack 1\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Windows Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"2008 R2 for x64-based Systems Service Pack 1 (Core installation)\"}, {\"status\": \"affected\", \"version\": \"2008 R2 for Itanium-Based Systems Service Pack 1\"}, {\"status\": \"affected\", \"version\": \"2008 R2 for x64-based Systems Service Pack 1\"}, {\"status\": \"affected\", \"version\": \"2008 for 32-bit Systems Service Pack 2 (Core installation)\"}, {\"status\": \"affected\", \"version\": \"2008 for Itanium-Based Systems Service Pack 2\"}, {\"status\": \"affected\", \"version\": \"2008 for 32-bit Systems Service Pack 2\"}, {\"status\": \"affected\", \"version\": \"2008 for x64-based Systems Service Pack 2\"}, {\"status\": \"affected\", \"version\": \"2008 for x64-based Systems Service Pack 2 (Core installation)\"}]}], \"references\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Remote Code Execution\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2021-06-03T17:06:16.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"7 for 32-bit Systems Service Pack 1\"}, {\"version_value\": \"7 for x64-based Systems Service Pack 1\"}]}, \"product_name\": \"Windows\"}, {\"version\": {\"version_data\": [{\"version_value\": \"2008 R2 for x64-based Systems Service Pack 1 (Core installation)\"}, {\"version_value\": \"2008 R2 for Itanium-Based Systems Service Pack 1\"}, {\"version_value\": \"2008 R2 for x64-based Systems Service Pack 1\"}, {\"version_value\": \"2008 for 32-bit Systems Service Pack 2 (Core installation)\"}, {\"version_value\": \"2008 for Itanium-Based Systems Service Pack 2\"}, {\"version_value\": \"2008 for 32-bit Systems Service Pack 2\"}, {\"version_value\": \"2008 for x64-based Systems Service Pack 2\"}, {\"version_value\": \"2008 for x64-based Systems Service Pack 2 (Core installation)\"}]}, \"product_name\": \"Windows Server\"}]}, \"vendor_name\": \"Microsoft\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708\", \"name\": \"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708\", \"refsource\": \"MISC\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf\", \"name\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en\", \"name\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190529-01-windows-en\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en\", \"name\": \"http://www.huawei.com/en/psirt/security-notices/huawei-sn-20190515-01-windows-en\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html\", \"name\": \"http://packetstormsecurity.com/files/153133/Microsoft-Windows-Remote-Desktop-BlueKeep-Denial-Of-Service.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html\", \"name\": \"http://packetstormsecurity.com/files/153627/Microsoft-Windows-RDP-BlueKeep-Denial-Of-Service.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html\", \"name\": \"http://packetstormsecurity.com/files/154579/BlueKeep-RDP-Remote-Windows-Kernel-Use-After-Free.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html\", \"name\": \"http://packetstormsecurity.com/files/155389/Microsoft-Windows-7-x86-BlueKeep-RDP-Use-After-Free.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html\", \"name\": \"http://packetstormsecurity.com/files/162960/Microsoft-RDP-Remote-Code-Execution.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka \u0027Remote Desktop Services Remote Code Execution Vulnerability\u0027.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Remote Code Execution\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2019-0708\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secure@microsoft.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2019-0708\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:45:37.137Z\", \"dateReserved\": \"2018-11-26T00:00:00.000Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2019-05-16T18:17:00.000Z\", \"assignerShortName\": \"microsoft\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2019-AVI-311

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	SIPROTEC 5 types 6MD85, 6MD86,6MD89, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87,7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86,7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82,7UT85, 7UT86, 7UT87 et 7VE85 versions antérieures à V7.90
Siemens	N/A	Spectrum Power 3, 4, 5 et 7
Siemens	N/A	SIMATIC WinCC V7.4 versions antérieures à V7.4 SP1 Upd 11
Siemens	N/A	RAPIDPoint 500
Siemens	N/A	SIMATIC IPC627E avec un BIOS d'une version antérieure à V25.02.04
Siemens	N/A	SIMATIC PCS 7 V8.2 avec WinCC versions antérieures à V7.4 SP1 Upd 11
Siemens	N/A	SENSIS Dell High-End Server (VC12), Mat. Nr.10910620: versions antérieures à VC12M sans le correctif AX037/19/P
Siemens	N/A	Sensis SIS Server Machine, Mat. Nr. 06648153: versions antérieures à VC11D, VC12M, VD11B sans le correctif AX037/19/P
Siemens	N/A	SIMATIC RF68XR versions antérieures à V3.2.1
Siemens	N/A	SIMATIC IPC427E avec un BIOS d'une version antérieure à V21.01.11
Siemens	N/A	SIMATIC IPC647E avec un BIOS d'une version antérieure à V25.02.04
Siemens	N/A	TIA Administrator versions antérieures à V1.0 SP1 Upd1
Siemens	N/A	SIMATIC WinCC V7.5 versions antérieures à V7.5 Upd 3
Siemens	N/A	SIMATIC IPC847E avec un BIOS d'une version antérieure à V25.02.04
Siemens	N/A	SIMATIC IPC677E avec un BIOS d'une version antérieure à V25.02.04
Siemens	N/A	SIMATIC RF615R versions antérieures à V3.2.1
Siemens	N/A	SIMATIC IPC477E Pro avec un BIOS d'une version antérieure à V21.01.11
Siemens	N/A	Sensis High End SIS Server, Mat. Nr. 10140973: versions antérieures à VC11D, VC12M sans le correctif AX037/19/P
Siemens	N/A	SIMATIC IPC477E avec un BIOS d'une version antérieure à V21.01.11
Siemens	N/A	DIGSI 5 versions antérieures à V7.90
Siemens	N/A	SIMATIC PCS 7 V9.0 avec WinCC versions antérieures à V7.4 SP1 Upd 11
Siemens	N/A	VM SIS Virtual Server, Mat. Nr. 10765502: versions antérieures à VC12M sans le correctif AX037/19/P

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-166360 du 09 juillet 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-616199 du 09 juillet 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-121293 du 09 juillet 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-721298 du 09 juillet 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-616472 du 09 juillet 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-747162 du 09 juillet 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-899560 du 09 juillet 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-556833 du 09 juillet 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SIPROTEC 5 types 6MD85, 6MD86,6MD89, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87,7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86,7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82,7UT85, 7UT86, 7UT87 et 7VE85 versions ant\u00e9rieures \u00e0 V7.90",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Spectrum Power 3, 4, 5 et 7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC V7.4 versions ant\u00e9rieures \u00e0 V7.4 SP1 Upd 11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "RAPIDPoint 500",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC627E avec un BIOS d\u0027une version ant\u00e9rieure \u00e0 V25.02.04",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS 7 V8.2 avec WinCC versions ant\u00e9rieures \u00e0 V7.4 SP1 Upd 11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SENSIS Dell High-End Server (VC12), Mat. Nr.10910620: versions ant\u00e9rieures \u00e0 VC12M sans le correctif AX037/19/P",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Sensis SIS Server Machine, Mat. Nr. 06648153: versions ant\u00e9rieures \u00e0 VC11D, VC12M, VD11B sans le correctif AX037/19/P",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC RF68XR versions ant\u00e9rieures \u00e0 V3.2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC427E avec un BIOS d\u0027une version ant\u00e9rieure \u00e0 V21.01.11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC647E avec un BIOS d\u0027une version ant\u00e9rieure \u00e0 V25.02.04",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "TIA Administrator versions ant\u00e9rieures \u00e0 V1.0 SP1 Upd1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC V7.5 versions ant\u00e9rieures \u00e0 V7.5 Upd 3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC847E avec un BIOS d\u0027une version ant\u00e9rieure \u00e0 V25.02.04",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC677E avec un BIOS d\u0027une version ant\u00e9rieure \u00e0 V25.02.04",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC RF615R versions ant\u00e9rieures \u00e0 V3.2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC477E Pro avec un BIOS d\u0027une version ant\u00e9rieure \u00e0 V21.01.11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Sensis High End SIS Server, Mat. Nr. 10140973: versions ant\u00e9rieures \u00e0 VC11D, VC12M sans le correctif AX037/19/P",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC IPC477E avec un BIOS d\u0027une version ant\u00e9rieure \u00e0 V21.01.11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "DIGSI 5 versions ant\u00e9rieures \u00e0 V7.90",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS 7 V9.0 avec WinCC versions ant\u00e9rieures \u00e0 V7.4 SP1 Upd 11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "VM SIS Virtual Server, Mat. Nr. 10765502: versions ant\u00e9rieures \u00e0 VC12M sans le correctif AX037/19/P",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-11091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11091"
    },
    {
      "name": "CVE-2016-6329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6329"
    },
    {
      "name": "CVE-2018-12127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12127"
    },
    {
      "name": "CVE-2018-12130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12130"
    },
    {
      "name": "CVE-2013-0169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0169"
    },
    {
      "name": "CVE-2019-10930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10930"
    },
    {
      "name": "CVE-2019-10915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10915"
    },
    {
      "name": "CVE-2019-10931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10931"
    },
    {
      "name": "CVE-2019-10935",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10935"
    },
    {
      "name": "CVE-2018-12126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12126"
    },
    {
      "name": "CVE-2019-10933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10933"
    },
    {
      "name": "CVE-2019-0708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0708"
    },
    {
      "name": "CVE-2011-3389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
    }
  ],
  "initial_release_date": "2019-07-09T00:00:00",
  "last_revision_date": "2019-07-09T00:00:00",
  "links": [],
  "reference": "CERTFR-2019-AVI-311",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-07-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9\ndes donn\u00e9es et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-166360 du 09 juillet 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-616199 du 09 juillet 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-121293 du 09 juillet 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-721298 du 09 juillet 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-721298.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-616472 du 09 juillet 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616472.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-747162 du 09 juillet 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-747162.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-899560 du 09 juillet 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-899560.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-556833 du 09 juillet 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf"
    }
  ]
}

CERTFR-2019-AVI-223

Vulnerability from certfr_avis

De multiples vulnérabilités ont été corrigées dans Microsoft Windows. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une élévation de privilèges, une exécution de code à distance et un contournement de la fonctionnalité de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Server 2012
Microsoft	Windows	Windows 10 pour systèmes x64
Microsoft	Windows	Windows 10 Version 1809 pour systèmes x64
Microsoft	Windows	Windows 10 Version 1903 pour systèmes x64
Microsoft	Windows	Windows Server 2019 (Server Core installation)
Microsoft	Windows	Windows Server 2019
Microsoft	Windows	Windows Server 2012 R2
Microsoft	Windows	Windows Server 2008 R2 pour systèmes Itanium Service Pack 1
Microsoft	Windows	Windows 10 Version 1803 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 1607 pour systèmes 32 bits
Microsoft	Windows	Windows 10 Version 1803 pour systèmes x64
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2
Microsoft	Windows	Windows 10 Version 1809 pour systèmes 32 bits
Microsoft	Windows	Windows Server, version 1803 (Server Core Installation)
Microsoft	Windows	Windows 10 Version 1709 pour systèmes 32 bits
Microsoft	Windows	Windows Server 2016 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1903 pour systèmes 32 bits
Microsoft	Windows	Windows RT 8.1
Microsoft	Windows	Windows 7 pour systèmes x64 Service Pack 1
Microsoft	Windows	Windows 10 Version 1809 pour ARM64-based Systems
Microsoft	Windows	Windows 10 Version 1709 pour ARM64-based Systems
Microsoft	Windows	Windows Server 2008 pour systèmes x64 Service Pack 2 (Server Core installation)
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1607 pour systèmes x64
Microsoft	Windows	Windows 10 Version 1703 pour systèmes x64
Microsoft	Windows	Windows Server 2012 (Server Core installation)
Microsoft	Windows	Windows 10 Version 1803 pour ARM64-based Systems
Microsoft	Windows	Windows Server 2008 pour systèmes 32 bits Service Pack 2
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1
Microsoft	Windows	Windows 8.1 pour systèmes x64
Microsoft	Windows	Windows 10 Version 1703 pour systèmes 32 bits
Microsoft	Windows	Windows Server 2016
Microsoft	Windows	Windows Server 2008 pour systèmes Itanium Service Pack 2
Microsoft	Windows	Windows 10 Version 1903 pour ARM64-based Systems
Microsoft	Windows	Windows 8.1 pour systèmes 32 bits
Microsoft	Windows	Windows Server 2008 R2 pour systèmes x64 Service Pack 1 (Server Core installation)
Microsoft	Windows	Windows Server 2012 R2 (Server Core installation)
Microsoft	Windows	Windows 10 pour systèmes 32 bits
Microsoft	Windows	Windows 7 pour systèmes 32 bits Service Pack 1
Microsoft	Windows	Windows 10 Version 1709 pour 64-based Systems
Microsoft	Windows	Windows Server, version 1903 (Server Core installation)

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft du 14 mai 2019

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2012",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1903 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes Itanium Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server, version 1803 (Server Core Installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1709 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1903 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows RT 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7 pour syst\u00e8mes x64 Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1809 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1709 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes x64 Service Pack 2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1607 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1703 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1803 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32 bits Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8.1 pour syst\u00e8mes x64",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1703 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes Itanium Service Pack 2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1903 pour ARM64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8.1 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 pour syst\u00e8mes x64 Service Pack 1 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 pour syst\u00e8mes 32 bits",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7 pour syst\u00e8mes 32 bits Service Pack 1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10 Version 1709 pour 64-based Systems",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server, version 1903 (Server Core installation)",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-0734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0734"
    },
    {
      "name": "CVE-2019-0882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0882"
    },
    {
      "name": "CVE-2019-0896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0896"
    },
    {
      "name": "CVE-2019-0733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0733"
    },
    {
      "name": "CVE-2019-0727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0727"
    },
    {
      "name": "CVE-2019-0890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0890"
    },
    {
      "name": "CVE-2019-0886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0886"
    },
    {
      "name": "CVE-2019-0893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0893"
    },
    {
      "name": "CVE-2019-0931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0931"
    },
    {
      "name": "CVE-2019-0863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0863"
    },
    {
      "name": "CVE-2019-0885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0885"
    },
    {
      "name": "CVE-2019-0881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0881"
    },
    {
      "name": "CVE-2019-0961",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0961"
    },
    {
      "name": "CVE-2019-0902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0902"
    },
    {
      "name": "CVE-2019-0894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0894"
    },
    {
      "name": "CVE-2019-0899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0899"
    },
    {
      "name": "CVE-2019-0889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0889"
    },
    {
      "name": "CVE-2019-0936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0936"
    },
    {
      "name": "CVE-2019-0895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0895"
    },
    {
      "name": "CVE-2019-0898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0898"
    },
    {
      "name": "CVE-2019-0903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0903"
    },
    {
      "name": "CVE-2019-0892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0892"
    },
    {
      "name": "CVE-2019-0891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0891"
    },
    {
      "name": "CVE-2019-0901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0901"
    },
    {
      "name": "CVE-2019-0897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0897"
    },
    {
      "name": "CVE-2019-0942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0942"
    },
    {
      "name": "CVE-2019-0758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0758"
    },
    {
      "name": "CVE-2019-0707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0707"
    },
    {
      "name": "CVE-2019-0708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0708"
    },
    {
      "name": "CVE-2019-0725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0725"
    },
    {
      "name": "CVE-2019-0900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0900"
    }
  ],
  "initial_release_date": "2019-05-15T00:00:00",
  "last_revision_date": "2019-05-15T00:00:00",
  "links": [],
  "reference": "CERTFR-2019-AVI-223",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-05-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eMicrosoft Windows\u003c/span\u003e. Elles permettent \u00e0 un attaquant\nde provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une\n\u00e9l\u00e9vation de privil\u00e8ges, une ex\u00e9cution de code \u00e0 distance et un\ncontournement de la fonctionnalit\u00e9 de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft du 14 mai 2019",
      "url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance"
    }
  ]
}

CERTFR-2019-AVI-553

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Conext Control toutes versions
EcoStruxure Substation Operation Gateway, anciennement PACiS Gateway, versions antérieures à 3.606.100.600.1
Triconex TriStation Emulator Version 1.2.0
Toutes les variantes de EGX100:
- EGX100SD
- EGX100MG
- EGX100SQD
- EGX100SDR
- EGX100M
- EGX100MGAA
- EGX100MGBA
- EGX100MGBB
- EGX100MGBC
Toutes les variantes de ECI850:
- ECI850
- ECI850MG
ConneXium Industrial Firewall/Router:
- TCSEFEC2CF3F21 (MM/TX) versions antérieures à V5.33
- TCSEFEC23FCF21 (TX/MM) versions antérieures à V5.33
- TCSEFEC23F3F21 (TX/TX) versions antérieures à V5.33
- Easergy Micom C264 versions antérieures à D5.24 – C264 D5.X, 1.79 – C264 D1.X et D4.25 – C264 D4.X
Modicon X80 modules d'I/O:
- Modicon M580 IEC 61850 module
- Modicon Network Option Switch
- Modicon X80 - I/O Drop Adapters
- Modicon X80 - BMEAHI0812 HART Analog Input Module
Modicon Momentum Unity
Modicon Quantum 140 CRA
Modicon Quantum Head 140 CRP
Modicon Quantum 140 NOP Communications Module

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Schneider Electric SESB-2019-214-01 du 12 novembre 2019	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2019-134-07 du 12 novembre 2019	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2019-193-02 du 12 novembre 2019	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2019-071-03 du 12 novembre 2019	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2019-267-01 du 12 novembre 2019	None	vendor-advisory
Bulletin de sécurité Schneider Electric SEVD-2019-193-01 du 12 novembre 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cul\u003e \u003cli\u003eConext Control toutes versions\u003c/li\u003e \u003cli\u003eEcoStruxure Substation Operation Gateway, anciennement PACiS Gateway, versions ant\u00e9rieures \u00e0 3.606.100.600.1\u003c/li\u003e \u003cli\u003eTriconex TriStation Emulator Version 1.2.0\u003c/li\u003e \u003cli\u003eToutes les variantes de EGX100: \u003cul\u003e \u003cli\u003eEGX100SD\u003c/li\u003e \u003cli\u003eEGX100MG\u003c/li\u003e \u003cli\u003eEGX100SQD\u003c/li\u003e \u003cli\u003eEGX100SDR\u003c/li\u003e \u003cli\u003eEGX100M\u003c/li\u003e \u003cli\u003eEGX100MGAA\u003c/li\u003e \u003cli\u003eEGX100MGBA\u003c/li\u003e \u003cli\u003eEGX100MGBB\u003c/li\u003e \u003cli\u003eEGX100MGBC\u003c/li\u003e \u003c/ul\u003e \u003c/li\u003e \u003cli\u003eToutes les variantes de ECI850: \u003cul\u003e \u003cli\u003eECI850\u003c/li\u003e \u003cli\u003eECI850MG\u003c/li\u003e \u003c/ul\u003e \u003c/li\u003e \u003cli\u003eConneXium Industrial Firewall/Router: \u003cul\u003e \u003cli\u003eTCSEFEC2CF3F21 (MM/TX) versions ant\u00e9rieures \u00e0 V5.33\u003c/li\u003e \u003cli\u003eTCSEFEC23FCF21 (TX/MM) versions ant\u00e9rieures \u00e0 V5.33\u003c/li\u003e \u003cli\u003eTCSEFEC23F3F21 (TX/TX) versions ant\u00e9rieures \u00e0 V5.33\u003c/li\u003e \u003cli\u003eEasergy Micom C264 versions ant\u00e9rieures \u00e0 D5.24 \u2013 C264 D5.X, 1.79 \u2013 C264 D1.X et D4.25 \u2013 C264 D4.X\u003c/li\u003e \u003c/ul\u003e \u003c/li\u003e \u003cli\u003eModicon X80 modules d\u0027I/O: \u003cul\u003e \u003cli\u003eModicon M580 IEC 61850 module\u003c/li\u003e \u003cli\u003eModicon Network Option Switch\u003c/li\u003e \u003cli\u003eModicon X80 - I/O Drop Adapters\u003c/li\u003e \u003cli\u003eModicon X80 - BMEAHI0812 HART Analog Input Module\u003c/li\u003e \u003c/ul\u003e \u003c/li\u003e \u003cli\u003eModicon Momentum Unity\u003c/li\u003e \u003cli\u003eModicon Quantum 140 CRA\u003c/li\u003e \u003cli\u003eModicon Quantum Head 140 CRP\u003c/li\u003e \u003cli\u003eModicon Quantum 140 NOP Communications Module\u003c/li\u003e \u003c/ul\u003e ",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-11091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11091"
    },
    {
      "name": "CVE-2018-7803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7803"
    },
    {
      "name": "CVE-2019-1182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1182"
    },
    {
      "name": "CVE-2019-1222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1222"
    },
    {
      "name": "CVE-2018-12127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12127"
    },
    {
      "name": "CVE-2019-1224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1224"
    },
    {
      "name": "CVE-2018-12130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12130"
    },
    {
      "name": "CVE-2019-1226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1226"
    },
    {
      "name": "CVE-2019-1223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1223"
    },
    {
      "name": "CVE-2019-1225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1225"
    },
    {
      "name": "CVE-2019-1181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1181"
    },
    {
      "name": "CVE-2018-12126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12126"
    },
    {
      "name": "CVE-2018-7834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7834"
    },
    {
      "name": "CVE-2019-0708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0708"
    }
  ],
  "initial_release_date": "2019-11-12T00:00:00",
  "last_revision_date": "2019-11-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2019-AVI-553",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-11-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider Electric. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SESB-2019-214-01 du 12 novembre 2019",
      "url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SESB-2019-214-01-Wind_River_VxWorks_Security_Bulletin_V2.2.pdf\u0026p_Doc_Ref=SESB-2019-214-01"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-134-07 du 12 novembre 2019",
      "url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-134-07_ConneXium_and_PowerLogic_Gateway_V2.pdf\u0026p_Doc_Ref=SEVD-2019-134-07"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-193-02 du 12 novembre 2019",
      "url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-193-02_MicrosoftRDS-Product_InformationV1.4.pdf\u0026p_Doc_Ref=SEVD-2019-193-02"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-071-03 du 12 novembre 2019",
      "url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-071-03-TriStation_Emulator_V2.pdf\u0026p_Doc_Ref=SEVD-2019-071-03"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-267-01 du 12 novembre 2019",
      "url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-267-01_MicrosoftRDS-DejaBlue-Product_InformationV1.1.pdf\u0026p_Doc_Ref=SEVD-2019-267-01"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-193-01 du 12 novembre 2019",
      "url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2019-193-01_IntelMDS-Product_InformationV1.3.pdf\u0026p_Doc_Ref=SEVD-2019-193-01"
    }
  ]
}

CERTFR-2019-AVI-240

Vulnerability from certfr_avis

Une vulnérabilité a été découverte dans les produits Siemens. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	syngo Lab Process Manager
Siemens	N/A	Medicalis Intelligo
Siemens	N/A	Medicalis Workflow Orchestrator
Siemens	N/A	Rapid Point 500 versions 2.2, 2.2.1, 2.2.2, 2.3, 2.3.1 et 2.3.2
Siemens	N/A	System ACOM.net 2.0, Mat. Nr. 05568386 (VC20A, VC21B, VC22B and VX22A)
Siemens	N/A	CentraLink
Siemens	N/A	StreamLab
Siemens	N/A	Medicalis Referral Management
Siemens	N/A	CS 5100 toutes versions sur Windows XP et Windows 7
Siemens	N/A	SYSTEM ACOM.NET, Mat. Nr. 04815549 (VC20A, VC21B, VC22B and VX22A)
Siemens	N/A	Sensis SIS Server Machine, Mat. Nr. 06648153 (VC11C/D, VC12B/C, VC12L/M)
Siemens	N/A	syngo.via WebViewer
Siemens	N/A	syngo Imaging
Siemens	N/A	SENSIS Dell High-End Server (VC12), Mat. Nr.10910620 (VC11C/D, VC12B/C, VC12L/M)
Siemens	N/A	AXIOM Vertix MD Trauma toutes versions avec Canon Detector
Siemens	N/A	MULTIX PRO ACSS P toutes versions avec Canon Detector
Siemens	N/A	VERTIX SOLITAIRE toutes versions avec Canon Detector
Siemens	N/A	AUWi
Siemens	N/A	VM SIS Virtual Server, Mat. Nr. 10765502 (VC11C/D, VC12B/C, VC12L/M)
Siemens	N/A	MagicLinkA
Siemens	N/A	syngo.via
Siemens	N/A	syngo Workflow MLR
Siemens	N/A	Atellica COAG 360 toutes versions sur Windows 7
Siemens	N/A	AXIOM Multix M toutes versions avec Canon Detector
Siemens	N/A	MULTIX Swing toutes versions avec Canon Detector
Siemens	N/A	Atellica Solution
Siemens	N/A	Viva E
Siemens	N/A	BCS XP toutes versions sur Windows XP et Windows 7
Siemens	N/A	MULTIX TOP toutes versions avec Canon Detector
Siemens	N/A	AUWi Pro
Siemens	N/A	Sensis High End SIS Server, Mat. Nr. 10140973 (VC11C/D, VC12B/C, VC12L/M)
Siemens	N/A	syngo Plaza
Siemens	N/A	Medicalis Clinical Decision Support
Siemens	N/A	teamplay (receiver)
Siemens	N/A	Atellica NEPH 630 toutes versions sur Windows 7
Siemens	N/A	Screening Navigator
Siemens	N/A	Lantis
Siemens	N/A	MULTIX TOP ACSS toutes versions avec Canon Detector
Siemens	N/A	CS 2100 toutes versions sur Windows XP et Windows 7
Siemens	N/A	CS 2500 toutes versions sur Windows 7
Siemens	N/A	AXIOM Vertix Solitaire M toutes versions avec Canon Detector
Siemens	N/A	MULTIX PRO P toutes versions avec Canon Detector
Siemens	N/A	MOBILETT XP Digital toutes versions avec Canon Detector
Siemens	N/A	System ACOM-Net, Mat. Nr. 5903872 (VC20A, VC21B, VC22B and VX22A)
Siemens	N/A	MagicView300
Siemens	N/A	BN ProSpec toutes versions sur Windows XP et Windows 7
Siemens	N/A	MagicView1000W
Siemens	N/A	MULTIX PRO/PRO ACSS/PRO Navy toutes versions avec Canon Detector
Siemens	N/A	Aptio by Inpeco
Siemens	N/A	syngo Workflow SLR
Siemens	N/A	syngo Dynamics
Siemens	N/A	Viva Twin
Siemens	N/A	CS 2000 toutes versions sur Windows XP et Windows 7
Siemens	N/A	MULTIX TOP P/TOP ACSS P toutes versions avec Canon Detector
Siemens	N/A	syngo.via View&GO
Siemens	N/A	Aptio by Siemens

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-932041 du 24 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-166360 du 24 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-832947 du 24 mai 2019	None	vendor-advisory
Alerte CERT-FR CERTFR-2019-ALE-006 du 15 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-616199 du 24 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-406175 du 24 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-433987 du 24 mai 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "syngo Lab Process Manager",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Medicalis Intelligo",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Medicalis Workflow Orchestrator",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Rapid Point 500 versions 2.2, 2.2.1, 2.2.2, 2.3, 2.3.1 et 2.3.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "System ACOM.net 2.0, Mat. Nr. 05568386 (VC20A, VC21B, VC22B and VX22A)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "CentraLink",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "StreamLab",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Medicalis Referral Management",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "CS 5100 toutes versions sur Windows XP et Windows 7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SYSTEM ACOM.NET, Mat. Nr. 04815549 (VC20A, VC21B, VC22B and VX22A)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Sensis SIS Server Machine, Mat. Nr. 06648153 (VC11C/D, VC12B/C, VC12L/M)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "syngo.via WebViewer",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "syngo Imaging",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SENSIS Dell High-End Server (VC12), Mat. Nr.10910620 (VC11C/D, VC12B/C, VC12L/M)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "AXIOM Vertix MD Trauma toutes versions avec Canon Detector",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "MULTIX PRO ACSS P toutes versions avec Canon Detector",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "VERTIX SOLITAIRE toutes versions avec Canon Detector",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "AUWi",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "VM SIS Virtual Server, Mat. Nr. 10765502 (VC11C/D, VC12B/C, VC12L/M)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "MagicLinkA",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "syngo.via",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "syngo Workflow MLR",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Atellica COAG 360 toutes versions sur Windows 7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "AXIOM Multix M toutes versions avec Canon Detector",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "MULTIX Swing toutes versions avec Canon Detector",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Atellica Solution",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Viva E",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "BCS XP toutes versions sur Windows XP et Windows 7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "MULTIX TOP toutes versions avec Canon Detector",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "AUWi Pro",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Sensis High End SIS Server, Mat. Nr. 10140973 (VC11C/D, VC12B/C, VC12L/M)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "syngo Plaza",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Medicalis Clinical Decision Support",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "teamplay (receiver)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Atellica NEPH 630 toutes versions sur Windows 7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Screening Navigator",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Lantis",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "MULTIX TOP ACSS toutes versions avec Canon Detector",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "CS 2100 toutes versions sur Windows XP et Windows 7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "CS 2500 toutes versions sur Windows 7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "AXIOM Vertix Solitaire M toutes versions avec Canon Detector",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "MULTIX PRO P toutes versions avec Canon Detector",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "MOBILETT XP Digital toutes versions avec Canon Detector",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "System ACOM-Net, Mat. Nr. 5903872 (VC20A, VC21B, VC22B and VX22A)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "MagicView300",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "BN ProSpec toutes versions sur Windows XP et Windows 7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "MagicView1000W",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "MULTIX PRO/PRO ACSS/PRO Navy toutes versions avec Canon Detector",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Aptio by Inpeco",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "syngo Workflow SLR",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "syngo Dynamics",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Viva Twin",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "CS 2000 toutes versions sur Windows XP et Windows 7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "MULTIX TOP P/TOP ACSS P toutes versions avec Canon Detector",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "syngo.via View\u0026GO",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "Aptio by Siemens",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-0708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0708"
    }
  ],
  "initial_release_date": "2019-05-27T00:00:00",
  "last_revision_date": "2019-05-27T00:00:00",
  "links": [],
  "reference": "CERTFR-2019-AVI-240",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-05-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Siemens. Elle\npermet \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "SCADA Vuln\u00e9rabilit\u00e9 dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-932041 du 24 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932041.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-166360 du 24 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-166360.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-832947 du 24 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-832947.pdf"
    },
    {
      "published_at": null,
      "title": "Alerte CERT-FR CERTFR-2019-ALE-006 du 15 mai 2019",
      "url": "https://www.cert.ssi.gouv.fr/alerte/CERTFR-2019-ALE-006/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-616199 du 24 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-616199.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-406175 du 24 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-406175.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-433987 du 24 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433987.pdf"
    }
  ]
}

CERTFR-2019-ALE-006

Vulnerability from certfr_alerte

[Mise à jour du 22 mai 2019 : Informations complémentaires et situation]

[Mise à jour du 23 mai 2019 : Informations sur la publication d'un correctif pour Windows Vista]

Le 14 mai 2019, lors de sa mise à jour mensuelle, Microsoft a publié un correctif pour une vulnérabilité identifiée comme CVE-2019-0708 [1].
Cette vulnérabilité impacte les services de bureau à distance (Remote Desktop Services, RDS), basé sur le protocole de bureau à distance (Remote Desktop Protocol, RDP) et régulièrement utilisé dans le cadre de l'administration à distance. Cette vulnérabilité permet l'exécution de code arbitraire sur un système vulnérable, et ce sans authentification ni interaction d'un utilisateur.

De par le risque particulièrement important qui découlerait d'une exploitation de cette faille, elle a fait l'objet d'un traitement spécifique de la part de l'éditeur. En effet, en plus des correctifs pour les systèmes actuellement maintenus par Microsoft, des mises à jours exceptionnelles ont également été rendues disponibles pour certains des anciens systèmes n'étant plus pris en charge. Cela comprend les systèmes Windows 2003 ainsi que Windows XP.

Le 23 mai 2019, Microsoft a rendu disponible un correctif pour le système Windows Vista [4].

De plus, une publication de l'éditeur alertant sur le caractère singulier de cette faille et mettant en garde contre un risque d'attaque par un ver informatique exploitant la CVE-2019-0708 a été mise en ligne sur le blog de Microsoft [2].

À la date du 22 mai 2019, aucun code d’exploitation public n’est disponible. Cependant, plusieurs sources fiables sur Internet se font l'écho de l’existence de tels codes, rendant alors crédible le risque de divulgation des détails techniques et l’exploitation automatisée qui pourrait suivre.

Une proposition de règle de détection s'appuyant sur certaines caractéristiques de la vulnérabilité a été rendue publique par NCC Group [3]. Il est ainsi possible dans certains cas de détecter une tentative d'exploitation. Cependant, dans le cas général les communications passent par un canal chiffré ce qui empêche les détections au niveau du réseau.

NLA (Network Level Authentication)

Pour éviter l’exploitation en pré-authentification, il est possible d'utiliser la fonctionnalité NLA qui force une authentification du client lors de l’initialisation de la connexion RDP.
La fonctionnalité NLA est implémentée depuis Windows Vista et Windows Server 2008 mais n’est pas forcément imposée par la configuration du service RDS. Il n’existe pas de configuration par défaut relative à l’activation de cette fonctionnalité et l’administrateur définit ces paramètres lors de l’installation.

Recommandations

Le CERT-FR recommande en premier lieu l'application des correctifs disponibles dans les plus brefs délais.

Les systèmes vulnérables doivent être identifiés et les mesures suivantes doivent être appliquées au plus vite :

Systèmes d'exploitation	Mesures
Windows 7 Windows Server 2008	En fonction de la configuration de NLA, les machines sont vulnérables en pré-authentification ou en post authentification. Pour que la vulnérabilité ne soit pas exploitable en pré-authentification, NLA doit être activé (cf. section Contournement provisoire) Le CERT-FR recommande donc de déployer, par GPO si applicable, l’activation de NLA pour le service RDS. Quelle que soit la configuration, les correctifs doivent être appliqués sur ces systèmes. Il est rappelé que la fin du support de ces systèmes d’exploitation étant proche (14 janvier 2020), il est nécessaire de migrer vers des versions supportées.
Windows Vista	Ce système n'est plus supporté par l’éditeur. L'utilisation de la fonctionnalité NLA permet d'éviter l'exploitation de la vulnérabilité en pré-authentification et peut être utilisé comme solution de contournement provisoire. Bien qu'un correctif soit disponible pour cette version de Windows, la mise à niveau vers des systèmes soutenus par l’éditeur doit être réalisée en urgence.
Windows XP Windows Server 2003	Ces systèmes ne sont plus supportés par l’éditeur et aucun mécanisme de défense en profondeur n’est disponible pour réduire la gravité de cette vulnérabilité. Aucune machine avec ces versions de Windows ne doit être connectée à Internet ou à un réseau local ni administrée par ce vecteur. Bien que des correctifs soient disponibles pour ces versions de Windows, le remplacement vers des systèmes soutenus par l’éditeur doit être réalisé en urgence.

Solution

Le CERT-FR recommande l'application des correctifs disponibles dans les plus brefs délais. Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Contournement provisoire

L'activation de NLA ne permet pas de corriger la vulnérabilité mais impose une authentification avant l'exécution de la section vulnérable du code. Elle pourra se faire à l'aide de la GPO suivante (version française puis version anglaise):

[pastacode lang="bash" manual="GPO%20%3E%20Configuration%20ordinateur%20%3E%20Mod%C3%A8les%20d%E2%80%99administration%20%3E%20Composants%20Windows%20%3E%20%0AService%20Bureau%20%C3%A0%20distance%20%3E%20H%C3%B4te%20de%20la%20session%20Bureau%20%C3%A0%20distance%20%3E%20S%C3%A9curit%C3%A9" message="" highlight="" provider="manual"/]

[pastacode lang="bash" manual="GPO%20%3E%20Computer%20Configuration%20%3E%20Administrative%20Templates%20%3E%20Windows%20Components%20%3E%20%0ARemote%20Desktop%20Services%20%3E%20Remote%20Desktop%20Session%20Host%20%3E%20Security" message="" highlight="" provider="manual"/]

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows XP
Microsoft	Windows	Windows Server 2008 R2
Microsoft	Windows	Windows Server 2008
Microsoft	Windows	Windows 7
Microsoft	Windows	Windows 2003
Microsoft	Windows	Windows Vista

References

Title

Publication Time

Tags

[1] Bulletin de sécurité Microsoft CVE-2019-0708 du 14 mai 2019	None	vendor-advisory
[3] Règle de détection réseau Suricata de NCC Group pour la CVE-2019-0708	-	other
[4] Instructions pour les clients concernant la CVE-2019-0708 de Microsoft	-	other
Avis CERT-FR CERTFR-2019-AVI-223	-	other
[2] Publication de blogue de Microsoft sur la vulnérabilité CVE-2019-0708	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows XP",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 2003",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2019-10-25",
  "content": "## Solution\n\nLe CERT-FR recommande l\u0027application des correctifs disponibles dans les\nplus brefs d\u00e9lais. Se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour\nl\u0027obtention des correctifs (cf. section Documentation).\n\n## Contournement provisoire\n\n\u00a0\n\nL\u0027activation de NLA ne permet pas de corriger la vuln\u00e9rabilit\u00e9 mais\nimpose une authentification avant l\u0027ex\u00e9cution de la section vuln\u00e9rable\ndu code. Elle pourra se faire \u00e0 l\u0027aide de la GPO suivante (version\nfran\u00e7aise puis version anglaise):\n\n\\[pastacode lang=\"bash\"\nmanual=\"GPO%20%3E%20Configuration%20ordinateur%20%3E%20Mod%C3%A8les%20d%E2%80%99administration%20%3E%20Composants%20Windows%20%3E%20%0AService%20Bureau%20%C3%A0%20distance%20%3E%20H%C3%B4te%20de%20la%20session%20Bureau%20%C3%A0%20distance%20%3E%20S%C3%A9curit%C3%A9\"\nmessage=\"\" highlight=\"\" provider=\"manual\"/\\]\n\n\\[pastacode lang=\"bash\"\nmanual=\"GPO%20%3E%20Computer%20Configuration%20%3E%20Administrative%20Templates%20%3E%20Windows%20Components%20%3E%20%0ARemote%20Desktop%20Services%20%3E%20Remote%20Desktop%20Session%20Host%20%3E%20Security\"\nmessage=\"\" highlight=\"\" provider=\"manual\"/\\]\n",
  "cves": [
    {
      "name": "CVE-2019-0708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0708"
    }
  ],
  "initial_release_date": "2019-05-22T00:00:00",
  "last_revision_date": "2019-10-25T00:00:00",
  "links": [
    {
      "title": "[3] R\u00e8gle de d\u00e9tection r\u00e9seau Suricata de NCC Group pour la CVE-2019-0708",
      "url": "https://github.com/nccgroup/Cyber-Defence/blob/master/Signatures/suricata/2019_05_rdp_cve_2019_0708.txt"
    },
    {
      "title": "[4] Instructions pour les clients concernant la CVE-2019-0708 de Microsoft",
      "url": "https://support.microsoft.com/fr-fr/help/4500705/customer-guidance-for-cve-2019-0708"
    },
    {
      "title": "Avis CERT-FR CERTFR-2019-AVI-223",
      "url": "https://cert.ssi.gouv.fr/avis/CERTFR-2019-AVI-223/"
    },
    {
      "title": "[2] Publication de blogue de Microsoft sur la vuln\u00e9rabilit\u00e9 CVE-2019-0708",
      "url": "https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/"
    }
  ],
  "reference": "CERTFR-2019-ALE-006",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-05-22T00:00:00.000000"
    },
    {
      "description": "Informations compl\u00e9mentaires sur les syst\u00e8mes impact\u00e9s, les recommandations et les contournements provisoires",
      "revision_date": "2019-05-22T00:00:00.000000"
    },
    {
      "description": "Mise en forme",
      "revision_date": "2019-05-23T00:00:00.000000"
    },
    {
      "description": "Ajout des informations sur le correctif pour Windows Vista",
      "revision_date": "2019-05-23T00:00:00.000000"
    },
    {
      "description": "Correction syntaxique",
      "revision_date": "2019-05-24T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte",
      "revision_date": "2019-10-25T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "\u003cstrong\u003e\\[Mise \u00e0 jour du 22 mai 2019 : Informations compl\u00e9mentaires et\nsituation\\]\u003c/strong\u003e\n\n\u003cstrong\u003e\\[Mise \u00e0 jour du 23 mai 2019 : Informations sur la publication d\u0027un\ncorrectif pour Windows Vista\\]\u003c/strong\u003e\n\nLe 14 mai 2019, lors de sa mise \u00e0 jour mensuelle, Microsoft a publi\u00e9 un\ncorrectif pour une vuln\u00e9rabilit\u00e9 identifi\u00e9e comme CVE-2019-0708 \\[1\\].  \nCette vuln\u00e9rabilit\u00e9 impacte les services de bureau \u00e0 distance (*Remote\nDesktop Services*, RDS), bas\u00e9 sur le protocole de bureau \u00e0 distance\n(*Remote Desktop Protocol*, RDP) et r\u00e9guli\u00e8rement utilis\u00e9 dans le cadre\nde l\u0027administration \u00e0 distance. Cette vuln\u00e9rabilit\u00e9 permet l\u0027ex\u00e9cution\nde code arbitraire sur un syst\u00e8me vuln\u00e9rable, et ce sans\nauthentification ni interaction d\u0027un utilisateur.\n\nDe par le risque particuli\u00e8rement important qui d\u00e9coulerait d\u0027une\nexploitation de cette faille, elle a fait l\u0027objet d\u0027un traitement\nsp\u00e9cifique de la part de l\u0027\u00e9diteur. En effet, en plus des correctifs\npour les syst\u00e8mes actuellement maintenus par Microsoft, des mises \u00e0\njours exceptionnelles ont \u00e9galement \u00e9t\u00e9 rendues disponibles pour\ncertains des anciens syst\u00e8mes n\u0027\u00e9tant plus pris en charge. Cela comprend\nles syst\u00e8mes Windows 2003 ainsi que Windows XP.\n\nLe 23 mai 2019, Microsoft a rendu disponible un correctif pour le\nsyst\u00e8me Windows Vista \\[4\\].\n\nDe plus, une publication de l\u0027\u00e9diteur alertant sur le caract\u00e8re\nsingulier de cette faille et mettant en garde contre un risque d\u0027attaque\npar un ver informatique exploitant la CVE-2019-0708 a \u00e9t\u00e9 mise en ligne\nsur le blog de Microsoft \\[2\\].\n\n\u00c0 la date du 22 mai 2019, aucun code d\u2019exploitation public n\u2019est\ndisponible. Cependant, plusieurs sources fiables sur Internet se font\nl\u0027\u00e9cho de l\u2019existence de tels codes, rendant alors cr\u00e9dible le risque de\ndivulgation des d\u00e9tails techniques et l\u2019exploitation automatis\u00e9e qui\npourrait suivre.\n\nUne proposition de r\u00e8gle de d\u00e9tection s\u0027appuyant sur certaines\ncaract\u00e9ristiques de la vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 rendue publique par NCC Group\n\\[3\\]. Il est ainsi possible dans certains cas de d\u00e9tecter une tentative\nd\u0027exploitation. Cependant, dans le cas g\u00e9n\u00e9ral les communications\npassent par un canal chiffr\u00e9 ce qui emp\u00eache les d\u00e9tections au niveau du\nr\u00e9seau.\n\n### NLA (*Network Level Authentication*)\n\nPour \u00e9viter l\u2019exploitation en pr\u00e9-authentification, il est possible\nd\u0027utiliser la fonctionnalit\u00e9 NLA qui force une authentification du\nclient lors de l\u2019initialisation de la connexion RDP.  \nLa fonctionnalit\u00e9 NLA est impl\u00e9ment\u00e9e depuis Windows Vista et Windows\nServer 2008 mais n\u2019est pas forc\u00e9ment impos\u00e9e par la configuration du\nservice RDS. Il n\u2019existe pas de configuration par d\u00e9faut relative \u00e0\nl\u2019activation de cette fonctionnalit\u00e9 et l\u2019administrateur d\u00e9finit ces\nparam\u00e8tres lors de l\u2019installation.\n\n### Recommandations\n\nLe CERT-FR recommande en premier lieu l\u0027application des correctifs\ndisponibles dans les plus brefs d\u00e9lais.\n\nLes syst\u00e8mes vuln\u00e9rables doivent \u00eatre identifi\u00e9s et les mesures\nsuivantes doivent \u00eatre appliqu\u00e9es au plus vite :\n\n\u003ctable\u003e\n\u003ccolgroup\u003e\n\u003ccol style=\"width: 50%\" /\u003e\n\u003ccol style=\"width: 50%\" /\u003e\n\u003c/colgroup\u003e\n\u003ctbody\u003e\n\u003ctr class=\"header\"\u003e\n\u003cth\u003eSyst\u00e8mes d\u0027exploitation\u003c/th\u003e\n\u003cth style=\"text-align: center;\"\u003eMesures\u003c/th\u003e\n\u003c/tr\u003e\n\n\u003ctr class=\"odd\"\u003e\n\u003ctd\u003eWindows 7\u003cbr /\u003e\nWindows Server 2008\u003c/td\u003e\n\u003ctd style=\"text-align: center;\"\u003eEn fonction de la configuration de NLA,\nles machines sont vuln\u00e9rables en pr\u00e9-authentification ou en post\nauthentification. Pour que la vuln\u00e9rabilit\u00e9 ne soit pas exploitable en\npr\u00e9-authentification, NLA doit \u00eatre activ\u00e9 (cf. section\n\u003cstrong\u003eContournement provisoire\u003c/strong\u003e)\u003cbr /\u003e\nLe CERT-FR recommande donc de d\u00e9ployer, par GPO si applicable,\nl\u2019activation de NLA pour le service RDS.\u003cbr /\u003e\nQuelle que soit la configuration, les correctifs doivent \u00eatre appliqu\u00e9s\nsur ces syst\u00e8mes.\u003cbr /\u003e\nIl est rappel\u00e9 que la fin du support de ces syst\u00e8mes d\u2019exploitation\n\u00e9tant proche (14 janvier 2020), il est n\u00e9cessaire de migrer vers des\nversions support\u00e9es.\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr class=\"even\"\u003e\n\u003ctd\u003eWindows Vista\u003c/td\u003e\n\u003ctd style=\"text-align: center;\"\u003eCe syst\u00e8me n\u0027est plus support\u00e9 par\nl\u2019\u00e9diteur. L\u0027utilisation de la fonctionnalit\u00e9 NLA permet d\u0027\u00e9viter\nl\u0027exploitation de la vuln\u00e9rabilit\u00e9 en pr\u00e9-authentification et peut \u00eatre\nutilis\u00e9 comme solution de contournement provisoire.\u003cbr /\u003e\nBien qu\u0027un correctif soit disponible pour cette version de Windows, la\nmise \u00e0 niveau vers des syst\u00e8mes soutenus par l\u2019\u00e9diteur doit \u00eatre\nr\u00e9alis\u00e9e en urgence.\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr class=\"odd\"\u003e\n\u003ctd\u003eWindows XP\u003cbr /\u003e\nWindows Server\u003cbr /\u003e\n2003\u003c/td\u003e\n\u003ctd style=\"text-align: center;\"\u003eCes syst\u00e8mes ne sont plus support\u00e9s par\nl\u2019\u00e9diteur et aucun m\u00e9canisme de d\u00e9fense en profondeur n\u2019est disponible\npour r\u00e9duire la gravit\u00e9 de cette vuln\u00e9rabilit\u00e9.\u003cbr /\u003e\nAucune machine avec ces versions de Windows ne doit \u00eatre connect\u00e9e \u00e0\nInternet ou \u00e0 un r\u00e9seau local ni administr\u00e9e par ce vecteur.\u003cbr /\u003e\nBien que des correctifs soient disponibles pour ces versions de Windows,\nle remplacement vers des syst\u00e8mes soutenus par l\u2019\u00e9diteur doit \u00eatre\nr\u00e9alis\u00e9 en urgence.\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft Remote Desktop Services",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "[1] Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2019-0708 du 14 mai 2019",
      "url": "https://portal.msrc.microsoft.com/fr-FR/security-guidance/advisory/CVE-2019-0708"
    }
  ]
}

CERTFR-2019-ALE-012

Vulnerability from certfr_alerte

Le 13 août 2019, lors de la publication mensuelle de ses correctifs, Microsoft a corrigé plusieurs vulnérabilités affectant les services de bureau à distance (Remote Desktop Services, RDS). Parmi les failles corrigées, quatre d'entre elles, critiques, permettent une exécution de code arbitraire à distance. Selon l'éditeur, elles touchent les systèmes Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2 ainsi que toutes les versions supportées de Windows 10, cela incluant les versions serveur.

Ces vulnérabilités identifiées comme CVE-2019-1181, CVE-2019-1182, CVE-2019-1222 et CVE-2019-1226 peuvent être exploitées sans authentification et sont considérées comme étant d'une criticité similaire à la faille CVE-2019-0708 [1] corrigée au mois de mai par l'éditeur.

En accompagnement du bulletin mensuel sur les correctifs de sécurité, Microsoft a également publié un article de blogue [2] revenant sur deux de ces failles, les CVE-2019-1181 et CVE-2019-1182. Celui-ci incite les utilisateurs à mettre à jour leurs systèmes dans les plus brefs délais et met en garde contre le risque d'utilisation de ce type de vulnérabilité dans des attaques à propagation de type "ver informatique".

[Mise à jour 14 août 2019]

Microsoft a bloqué la mise à jour d'août 2019 pour les utilisateurs de produits Symantec et Norton [3][4]. En effet, l'algorithme SHA-2 pour la signature du certificat n'est pas supporté par ces produits, ceux-ci ne peuvent donc pas vérifier la mise à jour.

Microsoft déconseille de forcer l'installation. Aucune solution n'est disponible pour l'instant.

Solution

Contournement provisoire

Un contournement partiel existe lorsque le protocole Network Level Authentication (NLA) est activé. Cette fonctionnalité de sécurité force l'authentification du client lors de l’initialisation d'une connexion avec le service RDS. Cela a pour conséquence d'empêcher l'exploitation de ces failles en pré-authentification. Malgré son utilisation, les machines demeurent vulnérables à une exécution de code arbitraire à distance.

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Server 2012
Microsoft	Windows	Windows Server 2019
Microsoft	Windows	Windows Server 2012 R2
Microsoft	Windows	Windows Server 2008 R2
Microsoft	Windows	Windows 10
Microsoft	Windows	Windows RT 8.1
Microsoft	Windows	Windows Server 2016
Microsoft	Windows	Windows 7 SP1
Microsoft	Windows	Windows Server 2008 R2 SP1
Microsoft	Windows	Windows 8.1

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2019-1226 du 13 août 2019	None	vendor-advisory
Bulletin de sécurité Microsoft CVE-2019-1222 du 13 août 2019	None	vendor-advisory
Bulletin de sécurité Microsoft CVE-2019-1181 du 13 août 2019	None	vendor-advisory
Bulletin de sécurité Microsoft CVE-2019-1182 du 13 août 2019	None	vendor-advisory
Communiqué Symantec	-	other
Publication de blogue de Microsoft sur les vulnérabilités CVE-2019-1181 et CVE-2019-1182	-	other
Avis CERT-FR CERTFR-2019-AVI-397	-	other
Alerte de sécurité du CERT-FR CERTFR-2019-ALE-006 du 15 mai 2019	-	other
Publication de blogue de Microsoft l'incompatibilité de la mise à jour d'août 2019 avec les produits Symantec	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2012",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2019",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2012 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 10",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows RT 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2016",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 7 SP1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 R2 SP1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 8.1",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2019-10-25",
  "content": "## Solution\n\nLe CERT-FR recommande l\u0027application des correctifs disponibles dans les\nplus brefs d\u00e9lais. Se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour\nl\u0027obtention des correctifs (cf. section Documentation).\n\n## Contournement provisoire\n\nUn contournement partiel existe lorsque le protocole *Network Level\nAuthentication* (NLA) est activ\u00e9. Cette fonctionnalit\u00e9 de s\u00e9curit\u00e9 force\nl\u0027authentification du client lors de l\u2019initialisation d\u0027une connexion\navec le service RDS. Cela a pour cons\u00e9quence d\u0027emp\u00eacher l\u0027exploitation\nde ces failles en pr\u00e9-authentification. Malgr\u00e9 son utilisation, les\nmachines demeurent vuln\u00e9rables \u00e0 une ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "cves": [
    {
      "name": "CVE-2019-1222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1222"
    },
    {
      "name": "CVE-2019-1182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1182"
    },
    {
      "name": "CVE-2019-0708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0708"
    },
    {
      "name": "CVE-2019-1181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1181"
    },
    {
      "name": "CVE-2019-1226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1226"
    }
  ],
  "initial_release_date": "2019-08-14T00:00:00",
  "last_revision_date": "2019-10-25T00:00:00",
  "links": [
    {
      "title": "Communiqu\u00e9 Symantec",
      "url": "https://support.symantec.com/us/en/article.tech255857.html"
    },
    {
      "title": "Publication de blogue de Microsoft sur les vuln\u00e9rabilit\u00e9s CVE-2019-1181 et CVE-2019-1182",
      "url": "https://msrc-blog.microsoft.com/2019/08/13/patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-1181-1182/"
    },
    {
      "title": "Avis CERT-FR CERTFR-2019-AVI-397",
      "url": "https://cert.ssi.gouv.fr/avis/CERTFR-2019-AVI-397/"
    },
    {
      "title": "Alerte de s\u00e9curit\u00e9 du CERT-FR\u00a0CERTFR-2019-ALE-006 du 15 mai 2019",
      "url": "https://www.cert.ssi.gouv.fr/alerte/CERTFR-2019-ALE-006/"
    },
    {
      "title": "Publication de blogue de Microsoft l\u0027incompatibilit\u00e9 de la mise \u00e0 jour d\u0027ao\u00fbt 2019 avec les produits Symantec",
      "url": "https://support.microsoft.com/fr-fr/help/4512486/windows-7-update-kb4512486"
    }
  ],
  "reference": "CERTFR-2019-ALE-012",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-08-14T00:00:00.000000"
    },
    {
      "description": "Probl\u00e8me d\u0027incompatibilit\u00e9 avec les produits Symantec",
      "revision_date": "2019-08-14T00:00:00.000000"
    },
    {
      "description": "Cl\u00f4ture de l\u0027alerte",
      "revision_date": "2019-10-25T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Le 13 ao\u00fbt 2019, lors de la publication mensuelle de ses correctifs,\nMicrosoft a corrig\u00e9 plusieurs vuln\u00e9rabilit\u00e9s affectant les services de\nbureau \u00e0 distance (*Remote Desktop Services*, RDS). Parmi les failles\ncorrig\u00e9es, quatre d\u0027entre elles, critiques, permettent une ex\u00e9cution de\ncode arbitraire \u00e0 distance. Selon l\u0027\u00e9diteur, elles touchent les syst\u00e8mes\nWindows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows\n8.1, Windows Server 2012 R2 ainsi que toutes les versions support\u00e9es de\nWindows 10, cela incluant les versions serveur.\n\nCes vuln\u00e9rabilit\u00e9s identifi\u00e9es comme CVE-2019-1181, CVE-2019-1182,\nCVE-2019-1222 et CVE-2019-1226 peuvent \u00eatre exploit\u00e9es sans\nauthentification et sont consid\u00e9r\u00e9es comme \u00e9tant d\u0027une criticit\u00e9\nsimilaire \u00e0 la faille CVE-2019-0708 \\[1\\] corrig\u00e9e au mois de mai par\nl\u0027\u00e9diteur.\n\nEn accompagnement du bulletin mensuel sur les correctifs de s\u00e9curit\u00e9,\nMicrosoft a \u00e9galement publi\u00e9 un article de blogue \\[2\\] revenant sur\ndeux de ces failles, les CVE-2019-1181 et CVE-2019-1182. Celui-ci incite\nles utilisateurs \u00e0 mettre \u00e0 jour leurs syst\u00e8mes dans les plus brefs\nd\u00e9lais et met en garde contre le risque d\u0027utilisation de ce type de\nvuln\u00e9rabilit\u00e9 dans des attaques \u00e0 propagation de type \"ver\ninformatique\".\n\n\u00a0\n\n\u003cstrong\u003e\\[Mise \u00e0 jour 14 ao\u00fbt 2019\\]\u003c/strong\u003e\n\nMicrosoft a bloqu\u00e9 la mise \u00e0 jour d\u0027ao\u00fbt 2019 pour les utilisateurs de\nproduits Symantec et Norton \\[3\\]\\[4\\]. En effet, l\u0027algorithme SHA-2\npour la signature du certificat n\u0027est pas support\u00e9 par ces produits,\nceux-ci ne peuvent donc pas v\u00e9rifier la mise \u00e0 jour.\n\nMicrosoft d\u00e9conseille de forcer l\u0027installation. Aucune solution n\u0027est\ndisponible pour l\u0027instant.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Remote Desktop Services",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2019-1226 du 13 ao\u00fbt 2019",
      "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1226"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2019-1222 du 13 ao\u00fbt 2019",
      "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1222"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2019-1181 du 13 ao\u00fbt 2019",
      "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1181"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2019-1182 du 13 ao\u00fbt 2019",
      "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1182"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2019-0708 (GCVE-0-2019-0708)

Vulnerability from cvelistv5

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

CERTFR-2019-AVI-311

Vulnerability from certfr_avis

Solution

CERTFR-2019-AVI-223

Vulnerability from certfr_avis

Solution

CERTFR-2019-AVI-553

Vulnerability from certfr_avis

Solution

CERTFR-2019-AVI-240

Vulnerability from certfr_avis

Solution

CERTFR-2019-ALE-006

Vulnerability from certfr_alerte

NLA (Network Level Authentication)

Recommandations

Solution

Contournement provisoire

CERTFR-2019-ALE-012

Vulnerability from certfr_alerte

Solution

Contournement provisoire

Tags

Sightings

Nomenclature