CVE-2013-0667

Name of the Vulnerable Software and Affected Versions Siemens WinCC (TIA Portal) version 11

Description A cross-site scripting (XSS) issue exists in the HMI web application, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL. This could potentially lead to unauthorized actions on the web application.

Recommendations For version 11, update to a newer version that contains a fix for this issue, or as a temporary workaround, consider restricting access to the HMI web application to minimize the risk of exploitation.