
CVE-2019-10935: What You Need to Know

Discover the security flaw in Siemens AG's SIMATIC PCS 7, WinCC Professional, and WinCC Runtime Professional. Learn about the impact, affected systems, and mitigation steps for CVE-2019-10935.

A security flaw has been discovered in various versions of Siemens AG's SIMATIC PCS 7, SIMATIC WinCC Professional, SIMATIC WinCC Runtime Professional, and SIMATIC WinCC. The vulnerability is in the SIMATIC WinCC DataMonitor web application, which allows ASPX code to be uploaded without restriction. Exploitation requires no user interaction and impacts the confidentiality, integrity, and availability of the device.

Understanding CVE-2019-10935

This CVE identifies a critical security vulnerability in Siemens AG's industrial automation products.

What is CVE-2019-10935?

The vulnerability in the SIMATIC WinCC DataMonitor web application allows authenticated attackers with network access to upload ASPX code without restrictions.

The Impact of CVE-2019-10935

The vulnerability affects the confidentiality, integrity, and availability of the affected devices. As of the security advisory release, there have been no reported instances of public exploitation.

Technical Details of CVE-2019-10935

This section provides detailed technical information about the vulnerability.

Vulnerability Description

The flaw allows the uploading of ASPX code without restrictions in the SIMATIC WinCC DataMonitor web application.

Affected Systems and Versions

        SIMATIC PCS 7 V8.0 and earlier
        SIMATIC PCS 7 V8.1 (Versions < V8.1 with WinCC V7.3 Upd 19)
        SIMATIC PCS 7 V8.2 (Versions < V8.2 SP1 with WinCC V7.4 SP1 Upd 11)
        SIMATIC PCS 7 V9.0 (Versions < V9.0 SP2 with WinCC V7.4 SP1 Upd 11)
        SIMATIC WinCC Professional (TIA Portal V13)
        SIMATIC WinCC Professional (TIA Portal V14) (Versions < V14 SP1 Upd 9)
        SIMATIC WinCC Professional (TIA Portal V15) (Versions < V15.1 Upd 3)
        SIMATIC WinCC Runtime Professional V13
        SIMATIC WinCC Runtime Professional V14 (Versions < V14.1 Upd 8)
        SIMATIC WinCC Runtime Professional V15 (Versions < V15.1 Upd 3)
        SIMATIC WinCC V7.2 and earlier
        SIMATIC WinCC V7.3 (Versions < V7.3 Upd 19)
        SIMATIC WinCC V7.4 (Versions < V7.4 SP1 Upd 11)
        SIMATIC WinCC V7.5 (Versions < V7.5 Upd 3)
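
To triage an asset inventory against the SIMATIC WinCC V7.x entries in the list above, the following added example (not Siemens or CloudDefense code) compares installed versions with the fixed levels. It assumes version strings of the form "V7.4 SP1 Upd 11" and that a missing SP or Upd means level 0; host names and sample versions are constructed, and the PCS 7 and TIA Portal entries are not covered.

```python
import re

# First non-affected (SP, Upd) level per WinCC V7.x branch, from the list above.
FIXED = {
    (7, 3): (0, 19),  # V7.3 Upd 19
    (7, 4): (1, 11),  # V7.4 SP1 Upd 11
    (7, 5): (0, 3),   # V7.5 Upd 3
}
ALL_AFFECTED_UP_TO = (7, 2)  # "V7.2 and earlier": no fixed level listed

# Assumed inventory format: "V7.4 SP1 Upd 11"; SP and Upd are optional.
_VERSION = re.compile(r"^V(\d+)\.(\d+)(?:\s+SP\s*(\d+))?(?:\s+Upd\s*(\d+))?$", re.I)

def parse_version(text):
    """Return ((major, minor), (sp, upd)); missing SP/Upd count as 0."""
    m = _VERSION.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, sp, upd = (int(g) if g else 0 for g in m.groups())
    return (major, minor), (sp, upd)

def wincc_status(text):
    """Classify a SIMATIC WinCC V7.x version against the list above."""
    branch, level = parse_version(text)
    if branch <= ALL_AFFECTED_UP_TO:
        return "affected"
    if branch in FIXED:
        return "affected" if level < FIXED[branch] else "fixed"
    return "not-listed"  # branch not covered by the list; check the vendor advisory

def triage(inventory):
    # Map host -> status; unparseable strings are flagged for manual review.
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = wincc_status(version)
        except ValueError:
            result[host] = "unparsed"
    return result

# Constructed sample inventory (hypothetical host names and versions).
INVENTORY = {
    "hmi-01": "V7.4 SP1 Upd 10",
    "hmi-02": "V7.4 SP1 Upd 11",
    "hmi-03": "V7.5",
    "hmi-04": "7.3 update 19",
}

if __name__ == "__main__":
    print(triage(INVENTORY))
```

Hosts reported as "unparsed" or "not-listed" need a manual check rather than being treated as safe.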

Exploitation Mechanism

The vulnerability can be exploited by an authenticated attacker with network access to the WinCC DataMonitor application without requiring user interaction.

Mitigation and Prevention

Protect your systems from CVE-2019-10935 with the following steps:

Immediate Steps to Take

        Apply vendor-supplied patches and updates promptly.
        Restrict network access to vulnerable systems.
        Monitor network traffic for signs of exploitation.

Long-Term Security Practices

        Regularly update and patch all software and firmware.
        Implement network segmentation to limit the impact of potential attacks.
        Conduct regular security assessments and audits.

Patching and Updates

Ensure that all affected systems are updated with the latest patches and updates provided by Siemens AG.
