CVE-2013-4912

Name of the Vulnerable Software and Affected Versions Siemens WinCC (TIA Portal) versions 11 and 12 before 12 SP1

Description The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks by leveraging improper configuration of SIMATIC HMI panels. This is due to an open redirect vulnerability in the affected software.

Recommendations For versions 11 and 12 before 12 SP1, update to version 12 SP1 or later to resolve the issue. As a temporary workaround, consider restricting access to the SIMATIC HMI panels to minimize the risk of exploitation.