Siemens SIMATIC WinCC and SIMATIC PCS 7 CVE-2019-10935 Arbitrary File Upload Vulnerability

Bugtraq ID: 109127
Class: Input Validation Error
CVE: CVE-2019-10935
Remote: Yes
Local: No
Published: Jul 09 2019 12:00AM
Updated: Jul 09 2019 12:00AM
Credit: Xuchen Zhu from ZheJiang Guoli Security Technology CNCERT/CC
Vulnerable: Siemens SIMATIC WinCC Runtime Professional v15.1 Update 1
Siemens SIMATIC WinCC Runtime Professional 15.1
Siemens SIMATIC WinCC Runtime Professional 15 Update 4
Siemens SIMATIC WinCC Runtime Professional 15
Siemens SIMATIC WinCC Runtime Professional 14 SP1
Siemens SIMATIC WinCC Runtime Professional 14
Siemens SIMATIC WinCC Runtime Professional 13 SP2
Siemens SIMATIC WinCC Runtime Professional 13 SP1 Upd2
Siemens SIMATIC WinCC Runtime Professional 13 SP 1 Update 9
Siemens SIMATIC WinCC Runtime Professional 13
Siemens SIMATIC WinCC (TIA Portal) Professional 15
Siemens SIMATIC WinCC (TIA Portal) Professional 14 SP1
Siemens SIMATIC WinCC (TIA Portal) Professional 14
Siemens SIMATIC WinCC (TIA Portal) Professional 13 SP2
Siemens SIMATIC WinCC (TIA Portal) Professional 13
Siemens SIMATIC WinCC 7.5
Siemens SIMATIC WinCC 7.4 Update 1
Siemens SIMATIC WinCC 7.4 SP1
Siemens SIMATIC WinCC 7.4
Siemens SIMATIC WinCC 7.3 Update 2
Siemens SIMATIC WinCC 7.3 Update 13
Siemens SIMATIC WinCC 7.3 Update 11
Siemens SIMATIC WinCC 7.3 Update 10
Siemens SIMATIC WinCC 7.3 Update 1
Siemens SIMATIC WinCC 7.3 Upd4
Siemens SIMATIC WinCC 7.3
Siemens SIMATIC WinCC 7.2 Update 9
Siemens SIMATIC WinCC 7.2
Siemens SIMATIC WinCC 7.0 SP3 Upd 8
Siemens SIMATIC WinCC 7.0
Siemens SIMATIC WinCC 6.2
Siemens SIMATIC PCS 7 9.0
Siemens SIMATIC PCS 7 8.2
Siemens SIMATIC PCS 7 8.1
Siemens SIMATIC PCS 7 8.0
Not Vulnerable: Siemens SIMATIC WinCC 7.5 Update 3
Siemens SIMATIC WinCC 7.4 SP-1 Upd-11
Siemens SIMATIC PCS 7 9.0 SP-2
Siemens SIMATIC PCS 7 8.2 SP-1


 

Privacy Statement
Copyright 2010, SecurityFocus