Î÷ÃÅ×ÓSICAM_230ÑϳÁ·ì϶°²È«¹«¸æ

°ä²¼¹¦·ò 2019-02-15

·ì϶±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2018-3989£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ4.3£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-3990£¬Î£ÏÕ¼¶±ð£ºÑϳÁ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ9.3£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-3991£¬Î£ÏÕ¼¶±ð£ºÑϳÁ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ9.3£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


SICAM 230£º7.20¼°Ö®Ç°ËùÓа汾


·ì϶¸ÅÊö


SICAM 230ÊÇÒ»¸ö¿ÉÀ©´óµÄ¹ý³Ì½ÚÔìϵͳ£¬ºÏÓÃÓÚ¿í·ºµÄϵͳÀûÓ÷¨Ê½£¬Äܹ»´Ó¼¯³ÉµÄÄÜԴϵͳÖÐʹÓá£ÓÃÓÚÖÇÄܵçÍøÀûÓõļà¿Øϵͳ¡£


CVE-2018-3989£ºÌØÔìµÄIRP£¨I / OÒªÇó°ü£©Äܹ»µ¼ÖÂÇý¶¯·¨Ê½£¬·µ»Øδ³õʼ»¯µÄÄڴ棬µ¼ÖÂÄÚºËÄÚ´æй¶¡£


CVE-2018-3990£ºÌØÔìµÄIRP£¨I / OÒªÇó°ü£©¿ÉÄܻᵼÖ»º³åÇøÒç³ö£¬µ¼ÖÂÄÚºËÄÚ´æ°Ü»µ£¬ÌØȨÉý¼¶¡£


CVE-2018-3991£º·¢Ë͵½¶Ë¿Ú22347 / tcpµÄÌØÔìTCPÊý¾Ý°ü¿ÉÄܵ¼Ö¶ÑÒç³ö£¬¿ÉÄܵ¼ÖÂÔ¶³Ì´úÂëÖ´ÐС£


·ì϶ÑéÖ¤


ÔÝÎÞPOC¡¢EXP¡£


½¨¸´½¨Òé


ÓйØÎ÷ÃÅ×Ó²úÆ·ºÍ½â¾ö¹æ»®£¬plRights Management£¨DRM£©½â¾ö¹æ»®Öа²È«·ì϶µÄ½øÒ»²½Õ÷ѯ£¬ÕâЩ½â¾ö¹æ»®»áÓ°ÏìSICAM 230¹ý³Ì½ÚÔìϵͳ¡£


Î÷ÃÅ×Ó½¨ÒéÓû§½«¸üÐÂÀûÓÃÓÚWIBU SYSTEMS AGÌṩµÄWibuKeyÊý×Ö°æȨÖÎÀí£¨DRM£©¡£ÇëÁªÏµSiemens ProductCERT£º

https://www.siemens.com/cert/advisories


²Î¿¼Á´½Ó


https://ics-cert.us-cert.gov/advisories/ICSA-19-043-03

https://cert-portal.siemens.com/productcert/txt/ssa-760124.txt