Required CVE Record Information
Description
The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via crafted packets to TCP port 4999.
References 6 Total
- osvdb.org: 102810 vdb-entry
- exchange.xforce.ibmcloud.com: simatic-wincc-cve20141697-code-exec(90933) vdb-entry
- http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf
- secunia.com: 56651 third-party-advisory
- securityfocus.com: 65351 vdb-entry
- http://ics-cert.us-cert.gov/advisories/ICSA-14-035-01
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 6 Total
- osvdb.org: 102810 vdb-entryx_transferred
- exchange.xforce.ibmcloud.com: simatic-wincc-cve20141697-code-exec(90933) vdb-entryx_transferred
- http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf x_transferred
- secunia.com: 56651 third-party-advisoryx_transferred
- securityfocus.com: 65351 vdb-entryx_transferred
- http://ics-cert.us-cert.gov/advisories/ICSA-14-035-01 x_transferred