Î÷ÃÅ×ÓDejaBlue¡¢Urgent/11ºÍSACK PanicÎó²îÇ徲ͨ¸æ

Ðû²¼Ê±¼ä 2019-09-12

¡ñÎó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-1181£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬CVSS·ÖÖµ£º9.8

CVE±àºÅ£ºCVE-2019-1182£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬CVSS·ÖÖµ£º9.8

CVE±àºÅ£ºCVE-2019-1222£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬CVSS·ÖÖµ£º9.8

CVE±àºÅ£ºCVE-2019-1226£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬CVSS·ÖÖµ£º9.8

CVE±àºÅ£ºCVE-2019-12255£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬CVSS·ÖÖµ£º9.8

CVE±àºÅ£ºCVE-2019-12256£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬CVSS·ÖÖµ£º9.8

CVE±àºÅ£ºCVE-2019-12257£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬CVSS·ÖÖµ£º8.8

CVE±àºÅ£ºCVE-2019-12258£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬CVSS·ÖÖµ£º7.5

CVE±àºÅ£ºCVE-2019-12259£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬CVSS·ÖÖµ£º7.5

CVE±àºÅ£ºCVE-2019-12260£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬CVSS·ÖÖµ£º9.8

CVE±àºÅ£ºCVE-2019-12261£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬CVSS·ÖÖµ£º8.8

CVE±àºÅ£ºCVE-2019-12262£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬CVSS·ÖÖµ£º7.1

CVE±àºÅ£ºCVE-2019-12263£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬CVSS·ÖÖµ£º8.1

CVE±àºÅ£ºCVE-2019-12264£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬CVSS·ÖÖµ£º7.1

CVE±àºÅ£ºCVE-2019-11477£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬CVSS·ÖÖµ£º7.5


¡ñÓ°Ïì°æ±¾


ÊÜÓ°ÏìµÄ°æ±¾

DejaBlue£º

Aptio by Inpeco:All versionsµÈ


Urgent/11£º

RUGGEDCOM WIN70xx Base Station:All versions

RUGGEDCOM WIN72xx Base Station:All versions


SACK Panic£º

CM 1542-1:All versionsµÈ


¡ñÎó²î¸ÅÊö


±¾ÖܶþÎ÷ÃÅ×ÓÐû²¼¼¸·ÝÇ徲ͨ¸æ£¬£¬£¬£¬ÍƳö×î½üµÄDejaBlue¡¢Urgent/11ºÍSACK PanicÎó²îµÄÐÞ¸´²¹¶¡¡£¡£¡£¡£¡£


Î÷ÃÅ×ÓÌåÏÖ£¬£¬£¬£¬Î¢ÈíÔÚ8Ô·ÝÐÞ²¹µÄËĸöWindowsÔ¶³Ì×ÀÃæЧÀÍÎó²îÓ°ÏìÁ˲¿·ÖHealthineers²úÆ·£¬£¬£¬£¬µ«´ó´ó¶¼Ò½ÁƲúƷδÊÜÓ°Ïì¡£¡£¡£¡£¡£ÕâЩÎó²î±»×·×ÙΪDejaBlue£¬£¬£¬£¬Óë΢ÈíÔÚ5Ô·ÝÐÞ¸´µÄBlueKeepÀàËÆ¡£¡£¡£¡£¡£


Î÷ÃÅ×Ó»¹¼û¸æ¿Í»§ÆäÐí¶à²úÆ·Êܵ½×î½üÅû¶µÄLinuxÄÚºËÎó²î£¨SACK Panic£©µÄÓ°Ï죬£¬£¬£¬ÆäÖÐ×îÑÏÖصÄÒ»¸öÎó²îΪ¿Éµ¼ÖÂDoSµÄÎó²î£¨CVE-2019-11477£©¡£¡£¡£¡£¡£


±ðµÄ£¬£¬£¬£¬Î÷ÃÅ×ÓRUGGEDCOM WIN²úÆ·Êܵ½×î½üÅû¶µÄWind River VxWorksÎó²î£¨Urgent/11£©Ó°Ïì¡£¡£¡£¡£¡£


Î÷ÃÅ×Ó»¹Ðû²¼ÁËÁíÍâËķݱ¨¸æ¡£¡£¡£¡£¡£ËüÃÇÐÎòÁËIE / WSN-PA LinkÍø¹ØÖеĸßÑÏÖØÐÔ¿çÕ¾¾ç±¾£¨XSS£©Îó²î£¬£¬£¬£¬ÕâÊÇSIMATIC TDC CP51M1Ä £¿£¿£¿£¿éÖеĸßÑÏÖØÐÔDoSȱÏÝ£¬£¬£¬£¬ÊÇSINETPLANÖиßÑÏÖØÐÔµÄÈÏÖ¤ºóÏÂÁîÖ´Ðйýʧ£¬£¬£¬£¬ÒÔ¼°SINEMA Remote Connect ServerÖеÄÖÖÖÖÖеȺ͸ßÑÏÖØÐÔÎó²î¡£¡£¡£¡£¡£


¡ñÎó²îÑéÖ¤


ÔÝÎÞPOC/EXP¡£¡£¡£¡£¡£


¡ñÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î£¬£¬£¬£¬ÏÂÔØÁ´½Ó£ºhttps://new.siemens.com/global/en/products/services/cert.html#SecurityPublications¡£¡£¡£¡£¡£


¡ñ²Î¿¼Á´½Ó


https://www.securityweek.com/siemens-issues-advisories-dejablue-sack-panic-vulnerabilities