#VU25260 Protection Mechanism Failure in Siemens products - CVE-2019-13924

Cybersecurity Help s.r.o.

Published: 2020-02-12

Vulnerability identifier: #VU25260

Vulnerability risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-13924

CWE-ID: CWE-693

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
SCALANCE X-200
Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE X-200 IRT
Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE X-300
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: Siemens

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to the affected device does not send the X-Frame-Option header in the administrative web interface. A remote attacker can perform a click-jacking attack, bypass implemented security restrictions and elevate privileges on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

SCALANCE X-200: before 5.2.4

SCALANCE X-200 IRT: All versions

SCALANCE X-300: before 4.1.3

External links
https://cert-portal.siemens.com/productcert/pdf/ssa-951513.pdf

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Privilege escalation in Siemens SCALANCE X Switches