Siemens » Simatic Pcs7 : Security Vulnerabilities
Columns: #, CVE ID, CWE ID, # of Exploits, Vulnerability Type(s), Publish Date, Update Date, Score, Gained Access Level, Access, Complexity, Authentication, Conf., Integ., Avail.

1 CVE-2017-14023 20 2017-11-06 2020-06-04 4.0 None Remote Low ??? None None Partial
An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions.
The improper input validation vulnerability has been identified, which may allow an authenticated remote attacker who is a member of the
administrators group to crash services by sending specially crafted messages to the DCOM interface.

2 CVE-2017-12069 611 2017-08-30 2017-10-06 6.4 None Remote Low Not required Partial None Partial
An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367.
Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC
Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the
OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker.

3 CVE-2016-7165 254 2016-11-15 2018-06-15 6.9 None Local Medium Not required Complete Complete Complete
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2),
SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All
versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions
< V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All
versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions <
V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2
Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All
versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All
versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All
versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions).
Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed
under their default path ("C:\Program Files\*" or the localized equivalent).

4 CVE-2014-8552 200 +Info 2014-11-26 2014-11-26 5.0 None Remote Low Not required Partial None None
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0
through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets.

5 CVE-2014-8551 94 Exec Code 2014-11-26 2014-11-26 10.0 None Remote Low Not required Complete Complete Complete
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0
through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets.

6 CVE-2014-4686 +Info 2014-07-24 2014-07-25 6.8 None Remote Medium Not required Partial Partial Partial
The Project administration application in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, has a hardcoded encryption key,
which allows remote attackers to obtain sensitive information by extracting this key from another product installation and then employing this key
during the sniffing of network traffic on TCP port 1030.

7 CVE-2014-4685 264 +Priv 2014-07-24 2014-07-25 4.6 None Local Low Not required Partial Partial Partial
Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows local users to gain privileges by leveraging weak system-object access
control.

8 CVE-2014-4684 264 +Priv 2014-07-24 2014-07-25 6.0 None Remote Medium ??? Partial Partial Partial
The database server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges
via a request to TCP port 1433.

9 CVE-2014-4683 264 +Priv 2014-07-24 2014-07-25 4.9 None Remote Medium ??? Partial Partial None
The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain
privileges via a (1) HTTP or (2) HTTPS request.

10 CVE-2014-4682 200 +Info 2014-07-24 2014-07-25 5.0 None Remote Low Not required Partial None None
The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive
information via an HTTP request.

11 CVE-2013-3959 200 +Info 2013-06-14 2013-06-17 4.0 None Remote Low ??? Partial None None
The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, exhibits different behavior
for NetBIOS user names depending on whether the user account exists, which allows remote authenticated users to enumerate account names via
crafted URL parameters.

12 CVE-2013-3958 255 2013-06-14 2013-06-17 7.5 None Remote Low Not required Partial Partial Partial
The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other
products, has a hardcoded account, which makes it easier for remote attackers to obtain access via an unspecified request.

13 CVE-2013-3957 89 Exec Code Sql 2013-06-14 2013-06-17 7.5 None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the login screen in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and
earlier and other products, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

14 CVE-2013-0679 22 Dir. Trav. 2013-03-21 2013-03-22 4.0 None Remote Low ??? Partial None None
Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows
remote authenticated users to read arbitrary files via vectors involving a query for a pathname.

15 CVE-2013-0678 255 +Info 2013-03-21 2013-03-22 4.0 None Remote Low ??? Partial None None
Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a
database, which makes it easier for remote authenticated users to obtain sensitive information via a SQL query.

16 CVE-2013-0677 200 DoS +Info 2013-03-21 2013-03-22 5.8 None Remote Medium Not required Partial None Partial
The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to obtain sensitive
information or cause a denial of service via a crafted project file.

17 CVE-2013-0676 264 +Info 2013-03-21 2013-03-22 4.0 None Remote Low ??? Partial None None
Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing
WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query.

18 CVE-2013-0675 119 DoS Overflow 2013-03-21 2013-03-22 6.1 None Local Network Low Not required None None Complete
Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and
other products, allows remote attackers to cause a denial of service via a crafted packet.

19 CVE-2013-0674 119 Exec Code Overflow 2013-03-21 2013-03-22 6.8 None Remote Medium Not required Partial Partial Partial
Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows
remote attackers to execute arbitrary code via a long parameter.

20 CVE-2012-3034 200 +Info 2012-09-18 2012-09-19 4.3 None Remote Medium Not required Partial None None
WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and
password via crafted parameters to unspecified methods in ActiveX controls.

21 CVE-2012-3032 89 Exec Code Sql 2012-09-18 2012-09-19 7.5 None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote
attackers to execute arbitrary SQL commands via a crafted SOAP message.

22 CVE-2012-3031 79 XSS 2012-09-18 2012-09-19 4.3 None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products,
allow remote attackers to inject arbitrary web script or HTML via a (1) GET parameter, (2) POST parameter, or (3) Referer HTTP header.

23 CVE-2012-3030 264 2012-09-18 2012-12-20 5.0 None Remote Low Not required Partial None None
WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with
insufficient access control, which allows remote attackers to read a (1) log file or (2) configuration file via a direct request.

24 CVE-2012-3028 352 DoS CSRF 2012-09-18 2012-09-19 6.8 None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products,
allows remote attackers to hijack the authentication of arbitrary users for requests that modify data or cause a denial of service.

25 CVE-2012-3015 +Priv 2012-07-26 2012-07-30 6.9 None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows
local users to gain privileges via a Trojan horse DLL in a STEP7 project folder.

Total number of vulnerabilities : 25  