what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

Files from Siemens ProductCERT

First Active2013-03-21
Last Active2015-02-16
Siemens SIMATIC STEP 7 (TIA Portal) V13 Privilege Escalation
Posted Feb 16, 2015
Authored by Siemens ProductCERT | Site siemens.com

The latest update for SIMATIC STEP 7 (TIA Portal) V13 fixes two vulnerabilities. Device user passwords in TIA portal project files are stored using a weak hashing algorithm. Attackers with read access to the project file could possibly reconstruct the passwords for device users. Privilege information for device users is stored unprotected in the TIA portal projects. Attackers with access to the project file could possibly read and modify the permissions for device users in the project file. If unsuspecting users are tricked to download the manipulated project files to the device, the user permissions become active.

tags | advisory, vulnerability
advisories | CVE-2015-1355, CVE-2015-1356
SHA-256 | b243dfbab181ed3d05528d9c6f66e15488a6f9b74d9b5897afced4508f4b1aae
Siemens SIMATIC WinCC (TIA Portal) V13 Privilege Escalation
Posted Feb 16, 2015
Authored by Siemens ProductCERT | Site siemens.com

The latest update for SIMATIC WinCC (TIA Portal) V13 fixes two vulnerabilities. The remote management module of WinCC (TIA Portal) Multi Panels and Comfort Panels, and WinCC RT Advanced transmits weakly protected credentials over the network. Attackers capturing network traffic of the remote management module could possibly reconstruct used passwords. A hard coded encryption key used in WinCC RT Professional could allow attackers to escalate their privileges if the application's network communication with an authenticated user was captured.

tags | advisory, remote, vulnerability
advisories | CVE-2014-4686, CVE-2015-1358
SHA-256 | 8eaaadac7bd62a1372b3f4832ed7853c5bfabaa509311247fc900d53d44cd1e6
Siemens SIMATIC WinCC Privilege Escalation
Posted Jul 29, 2014
Authored by Siemens ProductCERT | Site siemens.com

Siemens SIMATIC WinCC versions prior to 7.3 suffer from unauthenticated access, privilege escalation, and hard-coded encryption key vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2014-4682, CVE-2014-4683, CVE-2014-4684, CVE-2014-4685, CVE-2014-4686
SHA-256 | 7b2386094198c589bb175e6f6352b3527830abc474c16d1dbe09639309362020
Siemens WinCC (TIA Portal) CSRF / URL Redirection
Posted Aug 2, 2013
Authored by Siemens ProductCERT | Site siemens.com

Siemens has updated WinCC SCADA and TIA Portal to address cross site request forgery and URL redirection vulnerabilities.

tags | advisory, vulnerability, csrf
advisories | CVE-2013-4911, CVE-2013-4912
SHA-256 | 0dcdf53dc204698a0f794d13e134ead3a850e0ff3d539c62279dbbbf78e5afef
Siemens Security Advisory 714398
Posted Mar 21, 2013
Authored by Siemens ProductCERT | Site siemens.com

WinCC stores Windows user credentials (user names and passwords) in a database. Authenticated users can log into this database, break the existing obfuscation and extract passwords. Furthermore, the database permissions allowed unprivileged users to gain access to sensitive data. A third vulnerability was found in the WinCC web server, where authenticated users could browse the file system via URL manipulation and extract sensitive information. A fourth vulnerability was found in the ActiveX component "RegReader", which is vulnerable to a buffer overflow and possible remote code execution. Manipulated project files can trigger a fifth vulnerability, which can allow an attacker to take over the WinCC PC. Furthermore a communication component called CCEServer is vulnerable to a remote buffer overflow that can be triggered over the network.

tags | advisory, remote, web, overflow, code execution, activex
systems | windows
SHA-256 | 871db31131d047fe9c609554c28f03dc8cf0ca905160d6f028d4e6fe6945be60
Siemens Security Advisory 212483
Posted Mar 21, 2013
Authored by Siemens ProductCERT | Site siemens.com

This advisory treats seven different vulnerabilities that have been found in the software running on SIMATIC HMIs that are engineered with WinCC (TIA Portal) V11, partially impacting confidentiality, integrity and availability of the system. The vulnerabilities affect the web server of engineered HMIs and their internal password management. Possible attacks require either physical access to the HMI or an authenticated user, so an attacker must either have valid user credentials or must use social engineering on a legitimate user. When the vulnerabilities are exploited they allow password retrieval, web session hijacking, source code retrieval, display of false data and Denial-of-Service.

tags | advisory, web, vulnerability
advisories | CVE-2011-4515
SHA-256 | fcef520cab212f67c15a79e30fbeafb976f24f11b4ac5b85915fb347e72d7116
Page 1 of 1

File Archive:

October 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    0 Files
  • 2
    Oct 2nd
    22 Files
  • 3
    Oct 3rd
    19 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By