Information disclosure in Siemens OZW Web Server



Published: 2020-02-12
Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2019-13941
CWE-ID CWE-200
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Siemens OZW672
Hardware solutions / Security hardware applicances

Siemens OZW772
Hardware solutions / Security hardware applicances

Vendor Siemens

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Information disclosure

EUVDB-ID: #VU25262

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-13941

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the OZW web server uses predictable path names for project files that legitimately authenticated users have created by using the application’s export function. A remote attacker can access a specific uniform resource locator on the web server and download a project file without prior authentication.


Mitigation

Install updates from vendor's website.

Vulnerable software versions

Siemens OZW672: before 10.0

Siemens OZW772: before 10.0

External links

http://cert-portal.siemens.com/productcert/pdf/ssa-986695.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###