what you don't know can hurt you
Showing 1 - 6 of 6 RSS Feed

Files from Siemens ProductCERT

First Active2013-03-21
Last Active2015-02-16
Siemens SIMATIC STEP 7 (TIA Portal) V13 Privilege Escalation
Posted Feb 16, 2015
Authored by Siemens ProductCERT | Site siemens.com

The latest update for SIMATIC STEP 7 (TIA Portal) V13 fixes two vulnerabilities. Device user passwords in TIA portal project files are stored using a weak hashing algorithm. Attackers with read access to the project file could possibly reconstruct the passwords for device users. Privilege information for device users is stored unprotected in the TIA portal projects. Attackers with access to the project file could possibly read and modify the permissions for device users in the project file. If unsuspecting users are tricked to download the manipulated project files to the device, the user permissions become active.

tags | advisory, vulnerability
advisories | CVE-2015-1355, CVE-2015-1356
MD5 | f340f610760c631b2b024dfd38799121
Siemens SIMATIC WinCC (TIA Portal) V13 Privilege Escalation
Posted Feb 16, 2015
Authored by Siemens ProductCERT | Site siemens.com

The latest update for SIMATIC WinCC (TIA Portal) V13 fixes two vulnerabilities. The remote management module of WinCC (TIA Portal) Multi Panels and Comfort Panels, and WinCC RT Advanced transmits weakly protected credentials over the network. Attackers capturing network traffic of the remote management module could possibly reconstruct used passwords. A hard coded encryption key used in WinCC RT Professional could allow attackers to escalate their privileges if the application's network communication with an authenticated user was captured.

tags | advisory, remote, vulnerability
advisories | CVE-2014-4686, CVE-2015-1358
MD5 | ea5636a94418fcb4d3dc797ec2a1b94e
Siemens SIMATIC WinCC Privilege Escalation
Posted Jul 29, 2014
Authored by Siemens ProductCERT | Site siemens.com

Siemens SIMATIC WinCC versions prior to 7.3 suffer from unauthenticated access, privilege escalation, and hard-coded encryption key vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2014-4682, CVE-2014-4683, CVE-2014-4684, CVE-2014-4685, CVE-2014-4686
MD5 | 3310252074fd2b614a4d8a0497bbd17b
Siemens WinCC (TIA Portal) CSRF / URL Redirection
Posted Aug 2, 2013
Authored by Siemens ProductCERT | Site siemens.com

Siemens has updated WinCC SCADA and TIA Portal to address cross site request forgery and URL redirection vulnerabilities.

tags | advisory, vulnerability, csrf
advisories | CVE-2013-4911, CVE-2013-4912
MD5 | 00fc6448d12bde0f64dce230ed8d9234
Siemens Security Advisory 714398
Posted Mar 21, 2013
Authored by Siemens ProductCERT | Site siemens.com

WinCC stores Windows user credentials (user names and passwords) in a database. Authenticated users can log into this database, break the existing obfuscation and extract passwords. Furthermore, the database permissions allowed unprivileged users to gain access to sensitive data. A third vulnerability was found in the WinCC web server, where authenticated users could browse the file system via URL manipulation and extract sensitive information. A fourth vulnerability was found in the ActiveX component "RegReader", which is vulnerable to a buffer overflow and possible remote code execution. Manipulated project files can trigger a fifth vulnerability, which can allow an attacker to take over the WinCC PC. Furthermore a communication component called CCEServer is vulnerable to a remote buffer overflow that can be triggered over the network.

tags | advisory, remote, web, overflow, code execution, activex
systems | windows
MD5 | ffcbfac441af1daea9d6fc7bb79ad494
Siemens Security Advisory 212483
Posted Mar 21, 2013
Authored by Siemens ProductCERT | Site siemens.com

This advisory treats seven different vulnerabilities that have been found in the software running on SIMATIC HMIs that are engineered with WinCC (TIA Portal) V11, partially impacting confidentiality, integrity and availability of the system. The vulnerabilities affect the web server of engineered HMIs and their internal password management. Possible attacks require either physical access to the HMI or an authenticated user, so an attacker must either have valid user credentials or must use social engineering on a legitimate user. When the vulnerabilities are exploited they allow password retrieval, web session hijacking, source code retrieval, display of false data and Denial-of-Service.

tags | advisory, web, vulnerability
advisories | CVE-2011-4515
MD5 | 2389075d01f9a8dbd3e1e07455f8cda1
Page 1 of 1

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    4 Files
  • 20
    Apr 20th
    5 Files
  • 21
    Apr 21st
    1 Files
  • 22
    Apr 22nd
    4 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2019 Packet Storm. All rights reserved.

Security Services
Hosting By