CVE-2014-8552CVE-2014-8552

Affected configuration(s):

cpe:/a:siemens:simatic_pcs7:7.1:sp3
cpe:/a:siemens:simatic_pcs7:7.1:sp4
cpe:/a:siemens:simatic_pcs7:8.0:sp1
cpe:/a:siemens:simatic_pcs7:8.0:sp2
cpe:/a:siemens:simatic_pcs7:8.1
cpe:/a:siemens:simatic_pcs_7:7.1:sp1
cpe:/a:siemens:simatic_tiaportal:13.0
cpe:/a:siemens:simatic_tiaportal:13.0:3
cpe:/a:siemens:simatic_tiaportal:13.0:5
cpe:/a:siemens:simatic_wincc:7.0
cpe:/a:siemens:simatic_wincc:7.0:sp1
cpe:/a:siemens:simatic_wincc:7.0:sp2
cpe:/a:siemens:simatic_wincc:7.0:sp3
cpe:/a:siemens:simatic_wincc:7.2:1
cpe:/a:siemens:simatic_wincc:7.2:2
cpe:/a:siemens:simatic_wincc:7.2:3
cpe:/a:siemens:simatic_wincc:7.2:4
cpe:/a:siemens:simatic_wincc:7.2:5
cpe:/a:siemens:simatic_wincc:7.2:6
cpe:/a:siemens:simatic_wincc:7.2:7
cpe:/a:siemens:simatic_wincc:7.2:8
cpe:/a:siemens:simatic_wincc:7.3:1

Date published: 2014-11-26T06:59:01.373-05:00

Date last modified: 2014-11-26T11:54:50.050-05:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf

Summary: The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.