CVE-2013-0674Improper Restriction of Operations within the Bounds of a Memory Buffer in Siemens Simatic Pcs7

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
6.8MEDIUMNVD
EPSS
2.7%
top 14.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Siemens Simatic Pcs7Siemens Wincc
Timeline
PublishedMar 21
Latest updateMay 17

Description

Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to execute arbitrary code via a long parameter.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages2 packages

NVDsiemens/wincc7.1+3

🔴Vulnerability Details

2
GHSA
GHSA-mv5c-27hj-78v9: Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 72022-05-17
CVEList
CVE-2013-0674: Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 72013-03-21
CVE-2013-0674 — Siemens Simatic Pcs7 vulnerability | cvebase