PT-2014-8612 · Siemens · Tia Portal+2

Published

2014-11-26

Updated

2014-11-26

CVE-2014-8551

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Siemens SIMATIC WinCC versions 7.0 through 7.3 before Update 2 Siemens SIMATIC PCS 7 versions 7.1 through 8.1 Siemens TIA Portal version 13 before Update 6

Description The issue allows remote attackers to execute arbitrary code via crafted packets.

Recommendations For Siemens SIMATIC WinCC versions 7.0 through 7.3 before Update 2, update to a version that includes Update 2 or later. For Siemens SIMATIC PCS 7 versions 7.1 through 8.1, apply the necessary updates or patches to secure the system. For Siemens TIA Portal version 13 before Update 6, update to Update 6 or a later version to resolve the issue.

Fix

RCE

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2014-8551

Affected Products

Simatic Pcs 7

Simatic Wincc

Tia Portal

PT-2014-8612 · Siemens · Tia Portal+2

CVE-2014-8551

Weakness Enumeration

Related Identifiers

Affected Products

References · 3