CVE-2011-4878

Name of the Vulnerable Software and Affected Versions Siemens WinCC flexible versions 2004 through 2008 before SP3 Siemens WinCC V11 (aka TIA portal) versions prior to SP2 Update 1 Siemens TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels (affected versions not specified) Siemens WinCC V11 Runtime Advanced (affected versions not specified) Siemens WinCC flexible Runtime (affected versions not specified)

Description The issue allows remote attackers to read arbitrary files via a ..%5c (dot dot backslash) in a URI, which is a directory traversal vulnerability in the miniweb.exe component of the HMI web server.

Recommendations For Siemens WinCC flexible versions 2004 through 2008, update to at least SP3 to resolve the issue. For Siemens WinCC V11 (aka TIA portal), update to at least SP2 Update 1. For Siemens TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels, WinCC V11 Runtime Advanced, and WinCC flexible Runtime, at the moment, there is no information about a newer version that contains a fix for this vulnerability.