CVE-2014-8551

The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:siemens:simatic_pcs7:7.1:sp3:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.0:sp2:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.0:sp3:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs7:8.0:sp1:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs7:8.0:sp2:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.3:1:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.2:7:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.2:6:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.2:5:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.2:4:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:7.1:sp1:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_tiaportal:13.0:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.2:1:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs7:7.1:sp4:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.2:3:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.2:8:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.0:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs7:8.1:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_tiaportal:13.0:5:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.0:sp1:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.2:2:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_tiaportal:13.0:3:*:*:*:*:*:*

Information

Published : 2014-11-26 03:59

Updated : 2014-11-26 08:53


NVD link : CVE-2014-8551

Mitre link : CVE-2014-8551


JSON object : View

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

dedicated server usa

Products Affected

siemens

  • simatic_pcs7
  • simatic_tiaportal
  • simatic_pcs_7
  • simatic_wincc