Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0675

Overview

Vulnerability Score 6.1 6.1
CVE Id CVE-2013-0675
Last Modified 22 Mar 2013 09:52:30
Published 21 Mar 2013 11:55:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector ADJACENT_NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-0675

Summary

Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a denial of service via a crafted packet.

Vulnerable Systems

Application

  • Siemens Simatic Pcs7 7.1

  • Siemens Simatic Pcs7 8.0

  • Siemens Wincc 5.0

  • Siemens Wincc 6.0

  • Siemens Wincc 7.0

  • Siemens Wincc 7.1


References

CONFIRM - http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf

MISC - http://ics-cert.us-cert.gov/pdf/ICSA-13-079-02.pdf


Last Updated: 27 May 2016 11:02:06