Siemens WinCC vulnerabilities

43 known vulnerabilities affecting siemens/wincc.

Total CVEs: 43
CISA KEV: 0
Public exploits: 5
Exploited in wild: 0
Severity breakdown: CRITICAL 6, HIGH 8, MEDIUM 29

Vulnerabilities

Page 2 of 3
CVE-2013-0675 | MEDIUM | CVSS 6.1 | ≤ 7.1, v5.0, +2 more | 2013-03-21
CVE-2013-0675 [MEDIUM] CWE-119: Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a denial of service via a crafted packet.
nvd
CVE-2012-3032 | HIGH | CVSS 7.5 | ≤ 7.0, v5.0, +2 more | 2012-09-18
CVE-2012-3032 [HIGH] CWE-89: SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted SOAP message.
nvd
CVE-2012-3030 | MEDIUM | CVSS 5.0 | ≤ 7.0, v5.0, +2 more | 2012-09-18
CVE-2012-3030 [MEDIUM] CWE-264: WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote attackers to read a (1) log file or (2) configuration file via a direct request.
nvd
CVE-2012-3034 | MEDIUM | CVSS 4.3 | ≤ 7.0, v5.0, +2 more | 2012-09-18
CVE-2012-3034 [MEDIUM] CWE-200: WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified methods in ActiveX controls.
nvd
CVE-2012-3031 | MEDIUM | CVSS 4.3 | ≤ 7.0, v5.0, +2 more | 2012-09-18
CVE-2012-3031 [MEDIUM] CWE-79: Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web script or HTML via a (1) GET parameter, (2) POST parameter, or (3) Referer HTTP header.
nvd
CVE-2012-3028 | MEDIUM | CVSS 6.8 | ≤ 7.0, v5.0, +2 more | 2012-09-18
CVE-2012-3028 [MEDIUM] CWE-352: Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data or cause a denial of service.
nvd
CVE-2012-3003 | MEDIUM | CVSS 5.8 | v7.0 | 2012-06-08
CVE-2012-3003 [MEDIUM] CWE-20: Open redirect vulnerability in an unspecified web application in Siemens WinCC 7.0 SP3 before Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a GET request.
nvd
CVE-2012-2596 | MEDIUM | CVSS 5.5 | v7.0 | 2012-06-08
CVE-2012-2596 [MEDIUM] CWE-94: The XPath functionality in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 does not properly handle special characters in parameters, which allows remote authenticated users to read or modify settings via a crafted URL, related to an "XML injection" attack.
nvd
CVE-2012-2595 | MEDIUM | CVSS 4.3 | v7.0 | 2012-06-08
CVE-2012-2595 [MEDIUM] CWE-79: Multiple cross-site scripting (XSS) vulnerabilities in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 allow remote attackers to inject arbitrary web script or HTML via vectors involving special characters in parameters.
nvd
CVE-2012-2598 | MEDIUM | CVSS 4.3 | v7.0 | 2012-06-08
CVE-2012-2598 [MEDIUM] CWE-119: Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input.
nvd
CVE-2012-2597 | MEDIUM | CVSS 4.0 | v7.0 | 2012-06-08
CVE-2012-2597 [MEDIUM] CWE-22: Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 before Update 2 allow remote authenticated users to read arbitrary files via a crafted parameter in a URL.
nvd
CVE-2011-4875 | CRITICAL | CVSS 9.3 | PoC | vv11 | 2012-02-03
CVE-2011-4875 [CRITICAL] CWE-119: Stack-based buffer overflow in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to execute arbitrary code v
nvd
CVE-2011-4513 | CRITICAL | CVSS 10.0 | vv11 | 2012-02-03
CVE-2011-4513 [CRITICAL]: Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file, related to the HMI web server and runtime loader.
nvd
CVE-2011-4514 | CRITICAL | CVSS 10.0 | vv11 | 2012-02-03
CVE-2011-4514 [CRITICAL] CWE-287: The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not perform authentication, which makes it easier for remote attackers to obtain access via a TCP session.
nvd
CVE-2011-4508 | CRITICAL | CVSS 9.3 | ≤ v11, vv11 | 2012-02-03
CVE-2011-4508 [CRITICAL] CWE-287: The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime generates predictable authentication tokens for cookies, which makes it easier for remote atta
nvd
CVE-2011-4876 | CRITICAL | CVSS 9.3 | PoC | vv11 | 2012-02-03
CVE-2011-4876 [CRITICAL] CWE-22: Directory traversal vulnerability in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to execute, read, crea
nvd
CVE-2011-4509 | CRITICAL | CVSS 10.0 | vv11 | 2012-02-03
CVE-2011-4509 [CRITICAL] CWE-264: The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime has an improperly selected default password for the administrator account, which makes it easier for remote attackers to obta
nvd
CVE-2011-4879 | HIGH | CVSS 8.5 | PoC | ≤ v11, vv11 | 2012-02-03
CVE-2011-4879 [HIGH] CWE-20: miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not properly handle URIs beginning with a 0xfa character, which allows remote a
nvd
CVE-2011-4878 | HIGH | CVSS 7.8 | PoC | ≤ v11, vv11 | 2012-02-03
CVE-2011-4878 [HIGH] CWE-22: Directory traversal vulnerability in miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to read arbitrary files
nvd
CVE-2011-4877 | HIGH | CVSS 7.1 | PoC | vv11 | 2012-02-03
CVE-2011-4877 [HIGH] CWE-20: HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to cause a denial of service (application crash) by sending cra
nvd