CVE-2020-7592
First published: Tue Jul 14 2020(Updated: )
A vulnerability has been identified in SIMATIC HMI Basic Panels 1st Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants) (All versions), SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions), SIMATIC HMI KTP700F Mobile Arctic (All versions), SIMATIC HMI Mobile Panels 2nd Generation (All versions), SIMATIC WinCC Runtime Advanced (All versions). Unencrypted communication between the configuration software and the respective device could allow an attacker to capture potential plain text communication and have access to sensitive information.
Credit: productcert@siemens.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens SIMATIC HMI Basic Panels 1st Generation (incl. SIPLUS variants) | ||
| Siemens SIMATIC HMI Basic Panels 2nd Generation (incl. SIPLUS variants) | ||
| Siemens SIMATIC HMI Comfort Panels (incl. SIPLUS variants) | ||
| Siemens SIMATIC HMI KTP700F Mobile Arctic | ||
| Siemens SIMATIC HMI Mobile Panels 2nd Generation | ||
| Siemens SIMATIC WinCC Runtime Advanced | ||
| Siemens Simatic Hmi Basic Panels 1st Generation | ||
| Siemens Simatic Hmi Basic Panels 2nd Generation | ||
| Siemens SIMATIC WinCC Runtime Advanced | ||
| Siemens Simatic Hmi Comfort Panels Firmware | ||
| Siemens Simatic Hmi Comfort Panels | ||
| Siemens Simatic Hmi Ktp700f Mobile Arctic Firmware | ||
| Siemens SIMATIC HMI KTP700F Mobile Arctic | ||
| Siemens Simatic Hmi Mobile Panels 2nd Generation Firmware | ||
| Siemens SIMATIC HMI Mobile Panels 2nd Generation |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2020-7592.
What is the severity of CVE-2020-7592?
The severity of CVE-2020-7592 is medium with a CVSS score of 6.5.
Which software and versions are affected by CVE-2020-7592?
CVE-2020-7592 affects Siemens Simatic HMI Basic Panels 1st Generation (all versions), Siemens Simatic HMI Basic Panels 2nd Generation (all versions), Siemens Simatic Wincc Runtime Advanced (all versions), Siemens Simatic HMI Comfort Panels (all versions), and Siemens Simatic HMI Ktp700f Mobile Arctic Firmware (all versions).
What is the Common Weakness Enumeration (CWE) ID for CVE-2020-7592?
The CWE ID for CVE-2020-7592 is CWE-319.
Are Siemens Simatic HMI Comfort Panels and Siemens Simatic HMI Ktp700f Mobile Arctic affected by CVE-2020-7592?
No, Siemens Simatic HMI Comfort Panels and Siemens Simatic HMI Ktp700f Mobile Arctic are not affected by CVE-2020-7592.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/first-publish-date
- agent/description
- agent/severity
- agent/references
- agent/event
- agent/softwarecombine
- agent/tags
- collector/ics-cert-advisory
- source/ICS
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/siemens
- canonical/siemens simatic hmi basic panels 1st generation (incl. siplus variants)
- canonical/siemens simatic hmi basic panels 2nd generation (incl. siplus variants)
- canonical/siemens simatic hmi comfort panels (incl. siplus variants)
- canonical/siemens simatic hmi ktp700f mobile arctic
- canonical/siemens simatic hmi mobile panels 2nd generation
- canonical/siemens simatic wincc runtime advanced
- canonical/siemens simatic hmi basic panels 1st generation
- canonical/siemens simatic hmi basic panels 2nd generation
- canonical/siemens simatic hmi comfort panels firmware
- canonical/siemens simatic hmi comfort panels
- canonical/siemens simatic hmi ktp700f mobile arctic firmware
- canonical/siemens simatic hmi mobile panels 2nd generation firmware