CVE-2014-1699

Name of the Vulnerable Software and Affected Versions Siemens SIMATIC WinCC OA versions prior to 3.12 P002 January

Description The issue allows remote attackers to cause a denial of service, specifically a monitoring-service outage, via malformed HTTP requests to port 4999. This can be exploited by sending specially crafted TCP packets, enabling an attacker to disrupt the monitoring service without needing to authenticate.

Recommendations For versions prior to 3.12 P002 January, update to version 3.12 P002 January or later to resolve the issue. As a temporary workaround, consider restricting access to port 4999 to minimize the risk of exploitation.