Sign-up

ID

VAR-201912-1871


TITLE

Information disclosure vulnerability exists in Siemens KTP600PN touch screen

Trust: 0.6

sources: CNVD: CNVD-2019-47652

DESCRIPTION

KTP600 is a set of touch screen based on Windows platform developed by Siemens, which is used to quickly construct and generate the configuration software system of the host computer monitoring system. An information disclosure vulnerability exists in the Siemens KTP600PN touch screen. Attackers can use this vulnerability to obtain sensitive information

Trust: 0.72

sources: CNVD: CNVD-2019-47652 // IVD: 5cdc5067-f5b7-42b0-9dfc-145f7bee386b

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 5cdc5067-f5b7-42b0-9dfc-145f7bee386b // CNVD: CNVD-2019-47652

AFFECTED PRODUCTS

vendor:siemensmodel:ktp600pn touch screenscope: - version: -

Trust: 0.6

vendor:siemensmodel:ktp600pn touch screenscope:eqversion:*

Trust: 0.2

sources: IVD: 5cdc5067-f5b7-42b0-9dfc-145f7bee386b // CNVD: CNVD-2019-47652

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2019-47652
value: LOW

Trust: 0.6

IVD: 5cdc5067-f5b7-42b0-9dfc-145f7bee386b
value: LOW

Trust: 0.2

CNVD: CNVD-2019-47652
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 5cdc5067-f5b7-42b0-9dfc-145f7bee386b
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: 5cdc5067-f5b7-42b0-9dfc-145f7bee386b // CNVD: CNVD-2019-47652

TYPE

Information leakage

Trust: 0.2

sources: IVD: 5cdc5067-f5b7-42b0-9dfc-145f7bee386b

PATCH

title:Information disclosure vulnerability exists in Siemens KTP600PN touch screenurl:https://www.cnvd.org.cn/patchinfo/show/190887

Trust: 0.6

sources: CNVD: CNVD-2019-47652

EXTERNAL IDS

db:CNVDid:CNVD-2019-47652

Trust: 0.8

db:IVDid:5CDC5067-F5B7-42B0-9DFC-145F7BEE386B

Trust: 0.2

sources: IVD: 5cdc5067-f5b7-42b0-9dfc-145f7bee386b // CNVD: CNVD-2019-47652

SOURCES

db:IVDid:5cdc5067-f5b7-42b0-9dfc-145f7bee386b
db:CNVDid:CNVD-2019-47652

LAST UPDATE DATE

2022-05-17T02:07:57.914000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2019-47652date:2020-01-09T00:00:00

SOURCES RELEASE DATE

db:IVDid:5cdc5067-f5b7-42b0-9dfc-145f7bee386bdate:2019-12-31T00:00:00
db:CNVDid:CNVD-2019-47652date:2019-12-30T00:00:00