Main Vulnerability Database SB2019071205

SB2019071205 - Arbitrary file upload in Siemens SIMATIC WinCC Professional

Published: July 12, 2019 Updated: July 12, 2019

Security Bulletin ID SB2019071205

CSH Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Arbitrary file upload (CVE-ID: CVE-2019-10935)

CWE-ID: CWE-434 - Unrestricted Upload of File with Dangerous Type

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to insufficient validation of file uploads. A remote authenticated user with network access to the WinCC DataMonitor application can upload arbitrary ASPX code on the server.

The vulnerability is relevant only in situations where an attacker has access via the web interface but not to the directory structure.

Remediation

Install update from vendor's website.

References

https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf

SB2019071205 - Arbitrary file upload in Siemens SIMATIC WinCC Professional

Breakdown by Severity

Description

Remediation

References

Please verify you're human