ID
VAR-201708-1508
CVE
CVE-2017-6871
TITLE
Siemens SIMATIC WinCC Sm@rtClient for Android Authentication Bypass Vulnerability
Trust: 0.8
DESCRIPTION
A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions before V1.0.2.2) and SIMATIC WinCC Sm@rtClient for Android Lite (All versions before V1.0.2.2). An attacker with physical access to an unlocked mobile device, that has the affected app running, could bypass the app's authentication mechanism under certain conditions. Android for Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC WinCC Sm@rtClient for Android is a client program on Android. Siemens SIMATIC is an automation software in a single engineering environment. A security-bypass vulnerability 2. A local authentication-bypass vulnerability An attacker may leverage these issues to disclose sensitive information, perform certain unauthorized actions by conducting a man-in-the-middle attack, gain unauthorized access
Trust: 2.7
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 0.8 |
AFFECTED PRODUCTS
| vendor: | siemens | model: | simatic wincc sm\@rtclient lite | scope: | lte | version: | 1.0.2.1 | Trust: 1.0 |
| vendor: | siemens | model: | simatic wincc sm\@rtclient | scope: | lte | version: | 1.0.2.1 | Trust: 1.0 |
| vendor: | siemens | model: | simatic wincc sm@rtclient | scope: | eq | version: | 1.0.2.2 | Trust: 0.8 |
| vendor: | siemens | model: | simatic wincc sm@rtclient | scope: | lt | version: | all versions | Trust: 0.8 |
| vendor: | siemens | model: | simatic wincc sm@rtclient lite | scope: | lt | version: | all versions | Trust: 0.8 |
| vendor: | siemens | model: | simatic wincc sm@rtclient lite | scope: | eq | version: | 1.0.2.2 | Trust: 0.8 |
| vendor: | siemens | model: | simatic wincc sm@rtclient for android | scope: | lt | version: | 1.0.2.2 | Trust: 0.6 |
| vendor: | siemens | model: | simatic wincc sm@rtclient lite for android | scope: | lt | version: | 1.0.2.2 | Trust: 0.6 |
| vendor: | siemens | model: | simatic wincc sm\@rtclient | scope: | eq | version: | 1.0.2.1 | Trust: 0.6 |
| vendor: | siemens | model: | simatic wincc sm\@rtclient lite | scope: | eq | version: | 1.0.2.1 | Trust: 0.6 |
| vendor: | siemens | model: | simatic wincc sm@rtclient lite for android | scope: | eq | version: | 1.0.2 | Trust: 0.3 |
| vendor: | siemens | model: | simatic wincc sm@rtclient lite for android | scope: | eq | version: | 01.00.00.00 | Trust: 0.3 |
| vendor: | siemens | model: | simatic wincc sm@rtclient for android | scope: | eq | version: | 1.0.2 | Trust: 0.3 |
| vendor: | siemens | model: | simatic wincc sm@rtclient for android | scope: | eq | version: | 01.00.00.00 | Trust: 0.3 |
| vendor: | siemens | model: | simatic wincc sm@rtclient lite for android | scope: | ne | version: | 1.0.2.2 | Trust: 0.3 |
| vendor: | siemens | model: | simatic wincc sm@rtclient for android | scope: | ne | version: | 1.0.2.2 | Trust: 0.3 |
| vendor: | simatic wincc sm rtclient | model: | - | scope: | eq | version: | * | Trust: 0.2 |
| vendor: | simatic wincc sm rtclient lite | model: | - | scope: | eq | version: | * | Trust: 0.2 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-287 | Trust: 1.9 |
| problemtype: | CWE-288 | Trust: 1.0 |
THREAT TYPE
local
Trust: 0.6
TYPE
authorization issue
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | SSA-589378 | url: | https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-589378.pdf | Trust: 0.8 |
| title: | Siemens SIMATIC WinCC Sm@rtClient for Android authentication bypass vulnerability patch | url: | https://www.cnvd.org.cn/patchInfo/show/98179 | Trust: 0.6 |
| title: | Siemens SIMATIC WinCC Sm@rtClient for Android and Android Lite Security vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99679 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2017-6871 | Trust: 3.6 |
| db: | SIEMENS | id: | SSA-589378 | Trust: 2.3 |
| db: | BID | id: | 99582 | Trust: 2.0 |
| db: | ICS CERT | id: | ICSA-17-194-03 | Trust: 1.1 |
| db: | CNNVD | id: | CNNVD-201703-626 | Trust: 0.9 |
| db: | CNVD | id: | CNVD-2017-14606 | Trust: 0.8 |
| db: | JVNDB | id: | JVNDB-2017-006992 | Trust: 0.8 |
| db: | IVD | id: | AA04AA25-A2F9-467B-9EB1-3A6FA82523A0 | Trust: 0.2 |
| db: | VULHUB | id: | VHN-115074 | Trust: 0.1 |
REFERENCES
| url: | https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-589378.pdf | Trust: 2.3 |
| url: | http://www.securityfocus.com/bid/99582 | Trust: 1.7 |
| url: | https://ics-cert.us-cert.gov/advisories/icsa-17-194-03 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6871 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2017-6871 | Trust: 0.8 |
| url: | http://subscriber.communications.siemens.com/ | Trust: 0.3 |
CREDITS
Karsten Sohr and Timo Glander from the TZI at the University of Bremen
Trust: 0.3
SOURCES
| db: | IVD | id: | aa04aa25-a2f9-467b-9eb1-3a6fa82523a0 |
| db: | CNVD | id: | CNVD-2017-14606 |
| db: | VULHUB | id: | VHN-115074 |
| db: | BID | id: | 99582 |
| db: | JVNDB | id: | JVNDB-2017-006992 |
| db: | CNNVD | id: | CNNVD-201703-626 |
| db: | NVD | id: | CVE-2017-6871 |
LAST UPDATE DATE
2025-04-20T23:27:17.277000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2017-14606 | date: | 2017-07-15T00:00:00 |
| db: | VULHUB | id: | VHN-115074 | date: | 2019-10-09T00:00:00 |
| db: | BID | id: | 99582 | date: | 2017-07-13T00:00:00 |
| db: | JVNDB | id: | JVNDB-2017-006992 | date: | 2017-09-07T00:00:00 |
| db: | CNNVD | id: | CNNVD-201703-626 | date: | 2019-10-17T00:00:00 |
| db: | NVD | id: | CVE-2017-6871 | date: | 2025-04-20T01:37:25.860 |
SOURCES RELEASE DATE
| db: | IVD | id: | aa04aa25-a2f9-467b-9eb1-3a6fa82523a0 | date: | 2017-07-15T00:00:00 |
| db: | CNVD | id: | CNVD-2017-14606 | date: | 2017-07-15T00:00:00 |
| db: | VULHUB | id: | VHN-115074 | date: | 2017-08-08T00:00:00 |
| db: | BID | id: | 99582 | date: | 2017-07-13T00:00:00 |
| db: | JVNDB | id: | JVNDB-2017-006992 | date: | 2017-09-07T00:00:00 |
| db: | CNNVD | id: | CNNVD-201703-626 | date: | 2017-03-16T00:00:00 |
| db: | NVD | id: | CVE-2017-6871 | date: | 2017-08-08T00:29:00.260 |