CVE-2019-6576

🗓️ 14 May 2019 19:54:48Reported by siemensType

A TLS session key vulnerability in SIMATIC HMI Comfort Panels, Outdoor Panels, WinCC Runtime, and HMI Classic Devices < V15.1 Update 1

Reporter	Title	Published	Views	Family All 9
Tenable Nessus	Siemens SIMATIC HMI Panels and TIA Portal <= v15.1 Update 1 Insufficiently Protected Credentials (ICSA-19-134-09)	31 Jul 201900:00	–	nessus
CNVD	Multiple Siemens products vulnerable to encryption issues	14 May 201900:00	–	cnvd
Cvelist	CVE-2019-6576	14 May 201919:54	–	cvelist
EUVD	EUVD-2019-16135	7 Oct 202500:30	–	euvd
ICS	Siemens SIMATIC Panels and WinCC (TIA Portal)	9 Apr 201900:00	–	ics
NVD	CVE-2019-6576	14 May 201920:29	–	nvd
Prion	Design/Logic Flaw	14 May 201920:29	–	prion
RedhatCVE	CVE-2019-6576	22 May 202505:23	–	redhatcve
Vulnrichment	CVE-2019-6576	14 May 201919:54	–	vulnrichment

NVD

Node

siemens simatic_hmi_comfort_panels_firmwareRange<15.1

AND

siemens simatic_hmi_comfort_panelsMatch-

Node

siemens simatic_hmi_comfort_outdoor_panels_firmwareRange<15.1

AND

siemens simatic_hmi_comfort_outdoor_panelsMatch-

Node

siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmwareRange<15.1

AND

siemens simatic_hmi_ktp_mobile_panels_ktp400fMatch-

Node

siemens simatic_hmi_ktp_mobile_panels_ktp700_firmwareRange<15.1

AND

siemens simatic_hmi_ktp_mobile_panels_ktp700Match-

Node

siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmwareRange<15.1

AND

siemens simatic_hmi_ktp_mobile_panels_ktp700fMatch-

Node

siemens simatic_hmi_ktp_mobile_panels_ktp900_firmwareRange<15.1

AND

siemens simatic_hmi_ktp_mobile_panels_ktp900Match-

Node

siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmwareRange<15.1

AND

siemens simatic_hmi_ktp_mobile_panels_ktp900fMatch-

Node

siemens simatic_wincc_(tia_portal)Range<15.1

siemens simatic_wincc_runtimeRange<15.1advanced

siemens simatic_wincc_runtimeRange<15.1professional

Node

siemens simatic_hmi_tp_firmware

AND

siemens simatic_hmi_tpMatch-

Node

siemens simatic_hmi_mp_firmware

AND

siemens simatic_hmi_mpMatch-

Node

siemens simatic_hmi_op_firmware

AND

siemens simatic_hmi_opMatch-

[
  {
    "product": "SIMATIC HMI Comfort Panels 4\" - 22\"",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V15.1 Update 1"
      }
    ]
  },
  {
    "product": "SIMATIC HMI Comfort Outdoor Panels 7\" & 15\"",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V15.1 Update 1"
      }
    ]
  },
  {
    "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V15.1 Update 1"
      }
    ]
  },
  {
    "product": "SIMATIC WinCC Runtime Advanced",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V15.1 Update 1"
      }
    ]
  },
  {
    "product": "SIMATIC WinCC Runtime Professional",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V15.1 Update 1"
      }
    ]
  },
  {
    "product": "SIMATIC WinCC (TIA Portal)",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V15.1 Update 1"
      }
    ]
  },
  {
    "product": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
    "vendor": "Siemens AG",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  }
]

Source	Link
us-cert	www.us-cert.gov/ics/advisories/ICSA-19-134-09
securityfocus	www.securityfocus.com/bid/108412
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf

02 Jun 2026 20:16Current

7.2High risk

Vulners AI Score7.2

CVSS 25

CVSS 37.5

CVSS 3.16.5

EPSS0.00364

SSVC

CWE-310