CVE-2012-2598 (GCVE-0-2012-2598)
Vulnerability from cvelistv5 – Published: 2012-06-08 18:00 – Updated: 2024-09-17 02:02
- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:34:25.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-06-08T18:00:00Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-2598",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf",
"refsource": "CONFIRM",
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2012-2598",
"datePublished": "2012-06-08T18:00:00Z",
"dateReserved": "2012-05-09T00:00:00Z",
"dateUpdated": "2024-09-17T02:02:35.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2012-2598\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2012-06-08T18:55:02.317\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer en el servidor Web DiagAgent en Siemens WinCC 7.0 SP3 hasta la actualizaci\u00f3n Update 2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corte del agente) a trav\u00e9s de una entrada manipulada.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"111D0F4D-2B67-46E8-BF8D-5D30EFE561EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:wincc:7.0:sp3:update_1:*:*:*:*:*\",\"matchCriteriaId\":\"BA8B4A08-C07D-46C6-BD30-477F54A02C98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:wincc:7.0:sp3:update_2:*:*:*:*:*\",\"matchCriteriaId\":\"02711FB5-B13E-4F7F-AD5A-47FEF0A996A1\"}]}]}],\"references\":[{\"url\":\"
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf\",\"source\":\"cret@cert.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]}]}}"
}
}
GHSA-W3P4-49WH-M79F
Vulnerability from github – Published: 2022-05-17 05:28 – Updated: 2022-05-17 05:28
Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input.
{
"affected": [],
"aliases": [
"CVE-2012-2598"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2012-06-08T18:55:00Z",
"severity": "MODERATE"
},
"details": "Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input.",
"id": "GHSA-w3p4-49wh-m79f",
"modified": "2022-05-17T05:28:53Z",
"published": "2022-05-17T05:28:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2598"
},
{
"type": "WEB",
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"type": "WEB",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf"
}
],
"schema_version": "1.4.0",
"severity": []
}
VAR-201206-0074
Vulnerability from variot - Updated: 2025-04-11 23:04
Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible does not filter out specially crafted characters when parsing URL parameters, and there is a buffer overflow vulnerability in the implementation. An attacker could exploit the vulnerability to cause a denial of service. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible.
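Successful exploitation requires the DiagAgent web server to be enabled (disabled by default).
----------------------------------------------------------------------
Note: the text from here on is the appended Secunia advisory SA49341. Its numbered items describe XPath injection, directory traversal, unsanitised output and open redirection in WinCC 7.0 SP3, not the DiagAgent buffer overflow tracked as CVE-2012-2598, so read them as related context rather than as a description of this CVE.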
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Siemens SIMATIC WinCC Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA49341
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49341/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49341
RELEASE DATE: 2012-06-07
DISCUSS ADVISORY: http://secunia.com/advisories/49341/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/49341/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=49341
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A weakness and some vulnerabilities have been reported in Siemens SIMATIC WinCC, which can be exploited by malicious users to disclose potentially sensitive information and system information and manipulate certain data and by malicious people to conduct spoofing and cross-site scripting attacks.
1) Certain input passed via URL parameters to two unspecified web applications is not properly sanitised before being used to construct a XPath query for XML data. This can be exploited to manipulate XPath queries by injecting arbitrary XPath code and e.g. read or write certain system settings.
2) Certain input passed via a filename to two unspecified web applications is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.
3) Certain input passed to two unspecified web applications is not properly sanitised before being returned to the user.
4) Certain input is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain.
The weakness and the vulnerabilities are reported in version 7.0 SP3.
SOLUTION: Apply "Update 2" (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: 1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, and Andrey Medov, Positive Technologies. 4) Reported by the vendor.
ORIGINAL ADVISORY: Siemens: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf
ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201206-0074",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "wincc sp3",
"scope": "eq",
"trust": 0.9,
"vendor": "siemens",
"version": "7.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "7.0 sp3 to update 2"
},
{
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "wincc",
"version": "7.0"
}
],
"sources": [
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
},
{
"db": "NVD",
"id": "CVE-2012-2598"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002661"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gleb Gritsai, Alexander Zaitsev, Sergey Scherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis Baranov, Andrey Medov and Siemens",
"sources": [
{
"db": "BID",
"id": "53837"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
}
],
"trust": 0.9
},
"cve": "CVE-2012-2598",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2012-2598",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-55879",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-2598",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2012-2598",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201206-087",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-55879",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-55879"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
},
{
"db": "NVD",
"id": "CVE-2012-2598"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input. WinCC flexible is a human-machine interface for use in some machine or process applications. Siemens SIMATIC WinCC Flexible does not filter out specially crafted characters when parsing URL parameters, and there is a buffer overflow vulnerability in implementation. An attacker could exploit the vulnerability to cause a denial of service. Siemens SIMATIC WinCC Flexible is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary code in the context of the affected application, read arbitrary files on the system, redirect users to a potentially malicious site, access or modify data of an XML document, or cause denial-of-service conditions; other attacks may also be possible. \n\nSuccessful exploitation requires the DiagAgent web server to be\nenabled (disabled by default). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. 
\nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nSiemens SIMATIC WinCC Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49341\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49341/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nRELEASE DATE:\n2012-06-07\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49341/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49341/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness and some vulnerabilities have been reported in Siemens\nSIMATIC WinCC, which can be exploited by malicious users to disclose\npotentially sensitive information and system information and\nmanipulate certain data and by malicious people to conduct spoofing\nand cross-site scripting attacks. \n\n1) Certain input passed via URL parameters to two unspecified web\napplications is not properly sanitised before being used to construct\na XPath query for XML data. This can be exploited to manipulate XPath\nqueries by injecting arbitrary XPath code and e.g. read or write\ncertain system settings. 
\n\n2) Certain input passed via a filename to two unspecified web\napplications is not properly verified before being used to display\nfiles. This can be exploited to disclose the contents of arbitrary\nfiles via directory traversal sequences. \n\n3) Certain input passed to two unspecified web applications is not\nproperly sanitised before being returned to the user. \n\n4) Certain input is not properly verified before being used to\nredirect users. This can be exploited to redirect a user to an\narbitrary website e.g. when a user clicks a specially crafted link to\nthe affected script hosted on a trusted domain. \n\nThe weakness and the vulnerabilities are reported in version 7.0 SP3. \n\nSOLUTION:\nApply \"Update 2\" (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\n1-3) The vendor credits Gleb Gritsai, Alexander Zaitsev, Sergey\nScherbel, Yuri Goltsev, Dmitry Serebryannikov, Sergey Bobrov, Denis\nBaranov, and Andrey Medov, Positive Technologies. \n4) Reported by the vendor. 
\n\nORIGINAL ADVISORY:\nSiemens:\nhttp://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf\n\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2598"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-55879"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2598",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-158-01",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-223158",
"trust": 1.9
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087",
"trust": 0.9
},
{
"db": "BID",
"id": "53837",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "49359",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-3214",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "19751",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "49341",
"trust": 0.3
},
{
"db": "IVD",
"id": "C4B582FE-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-55879",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "113374",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "113371",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"db": "VULHUB",
"id": "VHN-55879"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
},
{
"db": "NVD",
"id": "CVE-2012-2598"
}
]
},
"id": "VAR-201206-0074",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"db": "VULHUB",
"id": "VHN-55879"
}
],
"trust": 1.6009954333333334
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3214"
}
]
},
"last_update_date": "2025-04-11T23:04:13.648000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-223158: Multiple Vulnerabilities in WinCC 7.0 SP3",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
"trust": 0.8,
"url": "http://www.siemens.com/entry/jp/ja/"
},
{
"title": "Patch for Siemens WinCC Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/18134"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55879"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"db": "NVD",
"id": "CVE-2012-2598"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-158-01.pdf"
},
{
"trust": 1.9,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2598"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2598"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/49359"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/53837"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19751"
},
{
"trust": 0.3,
"url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/pages/default.aspx"
},
{
"trust": 0.2,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49359/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49359/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49359"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49341/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49341"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49341/#comments"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"db": "VULHUB",
"id": "VHN-55879"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
},
{
"db": "NVD",
"id": "CVE-2012-2598"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"db": "VULHUB",
"id": "VHN-55879"
},
{
"db": "BID",
"id": "53837"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"db": "PACKETSTORM",
"id": "113374"
},
{
"db": "PACKETSTORM",
"id": "113371"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
},
{
"db": "NVD",
"id": "CVE-2012-2598"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-19T00:00:00",
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"date": "2012-06-08T00:00:00",
"db": "VULHUB",
"id": "VHN-55879"
},
{
"date": "2012-06-06T00:00:00",
"db": "BID",
"id": "53837"
},
{
"date": "2012-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"date": "2012-06-08T07:05:53",
"db": "PACKETSTORM",
"id": "113374"
},
{
"date": "2012-06-08T07:05:43",
"db": "PACKETSTORM",
"id": "113371"
},
{
"date": "2012-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-087"
},
{
"date": "2012-06-08T18:55:02.317000",
"db": "NVD",
"id": "CVE-2012-2598"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"date": "2012-06-12T00:00:00",
"db": "VULHUB",
"id": "VHN-55879"
},
{
"date": "2012-06-06T00:00:00",
"db": "BID",
"id": "53837"
},
{
"date": "2012-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002661"
},
{
"date": "2012-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-087"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2012-2598"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens WinCC Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3214"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "c4b582fe-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-087"
}
],
"trust": 0.8
}
}
GSD-2012-2598
Vulnerability from gsd - Updated: 2023-12-13 01:20
{
"GSD": {
"alias": "CVE-2012-2598",
"description": "Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input.",
"id": "GSD-2012-2598"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2012-2598"
],
"details": "Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input.",
"id": "GSD-2012-2598",
"modified": "2023-12-13T01:20:16.691560Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-2598",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf",
"refsource": "CONFIRM",
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:update_1:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:7.0:sp3:update_2:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-2598"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf",
"refsource": "MISC",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf"
},
{
"name": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2012-06-12T04:00Z",
"publishedDate": "2012-06-08T18:55Z"
}
}
}
FKIE_CVE-2012-2598
Vulnerability from fkie_nvd - Published: 2012-06-08 18:55 - Updated: 2025-04-11 00:51
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:wincc:7.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "111D0F4D-2B67-46E8-BF8D-5D30EFE561EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:wincc:7.0:sp3:update_1:*:*:*:*:*",
"matchCriteriaId": "BA8B4A08-C07D-46C6-BD30-477F54A02C98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:wincc:7.0:sp3:update_2:*:*:*:*:*",
"matchCriteriaId": "02711FB5-B13E-4F7F-AD5A-47FEF0A996A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el servidor Web DiagAgent en Siemens WinCC 7.0 SP3 hasta la actualizaci\u00f3n Update 2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corte del agente) a trav\u00e9s de una entrada manipulada."
}
],
"id": "CVE-2012-2598",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-06-08T18:55:02.317",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ICSA-12-158-01
Vulnerability from csaf_cisa - Published: 2012-03-10 07:00 - Updated: 2025-06-05 21:48
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-12-158-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2012/icsa-12-158-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-12-158-01 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-12-158-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "Siemens WinCC Multiple Vulnerabilities",
"tracking": {
"current_release_date": "2025-06-05T21:48:16.105605Z",
"generator": {
"date": "2025-06-05T21:48:16.105543Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-12-158-01",
"initial_release_date": "2012-03-10T07:00:00.000000Z",
"revision_history": [
{
"date": "2012-03-10T07:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-06-05T21:48:16.105605Z",
"legacy_version": "CSAF Conversion",
"number": "2",
"summary": "Advisory converted into a CSAF"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.0_SP3",
"product": {
"name": "Siemens Siemens WinCC: 7.0_SP3",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Siemens WinCC"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-2598",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released security advisory SSA-223158 (http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"category": "mitigation",
"details": "Siemens has produced an update that resolves all vulnerabilities except the buffer overflow in DiagAgent. The buffer overflow was not fixed, because the vulnerable DiagAgent is turned off by default and is no longer distributed or supported. The update is available in Update 2 for WinCC V7.0 SP3 (http://support.automation.siemens.com/WW/view/en/60984587). Siemens recommends applying this patch as soon as possible.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://support.automation.siemens.com/WW/view/en/60984587"
},
{
"category": "mitigation",
"details": "Siemens recommends not using DiagAgent, because it is no longer supported. Users can migrate to the SIMATIC Diagnostics Tool (http://support.automation.siemens.com/WW/view/en/44029135) or the SIMATIC Analyser (http://support.automation.siemens.com/WW/view/en/38645769).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://support.automation.siemens.com/WW/view/en/44029135"
},
{
"category": "mitigation",
"details": "Siemens recommends not using DiagAgent, because it is no longer supported. Users can migrate to the SIMATIC Diagnostics Tool (http://support.automation.siemens.com/WW/view/en/44029135) or the SIMATIC Analyser (http://support.automation.siemens.com/WW/view/en/38645769).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://support.automation.siemens.com/WW/view/en/38645769"
},
{
"category": "mitigation",
"details": "The buffer overflow vulnerability can only be exploited if the user starts the DiagAgent Web server manually. Siemens recommends that users check to ensure that the DiagAgent Web server is disabled and cautions users to only enable this option if and when it is needed.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 4.3,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2012-2597",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 before Update 2 allow remote authenticated users to read arbitrary files via a crafted parameter in a URL.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released security advisory SSA-223158 (http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"category": "mitigation",
"details": "Siemens has produced an update that resolves all vulnerabilities except the buffer overflow in DiagAgent. The buffer overflow was not fixed, because the vulnerable DiagAgent is turned off by default and is no longer distributed or supported. The update is available in Update 2 for WinCC V7.0 SP3 (http://support.automation.siemens.com/WW/view/en/60984587). Siemens recommends applying this patch as soon as possible.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://support.automation.siemens.com/WW/view/en/60984587"
},
{
"category": "mitigation",
"details": "Siemens recommends not using DiagAgent, because it is no longer supported. Users can migrate to the SIMATIC Diagnostics Tool (http://support.automation.siemens.com/WW/view/en/44029135) or the SIMATIC Analyser (http://support.automation.siemens.com/WW/view/en/38645769).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://support.automation.siemens.com/WW/view/en/44029135"
},
{
"category": "mitigation",
"details": "Siemens recommends not using DiagAgent, because it is no longer supported. Users can migrate to the SIMATIC Diagnostics Tool (http://support.automation.siemens.com/WW/view/en/44029135) or the SIMATIC Analyser (http://support.automation.siemens.com/WW/view/en/38645769).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://support.automation.siemens.com/WW/view/en/38645769"
},
{
"category": "mitigation",
"details": "The buffer overflow vulnerability can only be exploited if the user starts the DiagAgent Web server manually. Siemens recommends that users check to ensure that the DiagAgent Web server is disabled and cautions users to only enable this option if and when it is needed.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 6.8,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2012-2595",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Multiple cross-site scripting (XSS) vulnerabilities in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 allow remote attackers to inject arbitrary web script or HTML via vectors involving special characters in parameters.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released security advisory SSA-223158 (http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"category": "mitigation",
"details": "Siemens has produced an update that resolves all vulnerabilities except the buffer overflow in DiagAgent. The buffer overflow was not fixed, because the vulnerable DiagAgent is turned off by default and is no longer distributed or supported. The update is available in Update 2 for WinCC V7.0 SP3 (http://support.automation.siemens.com/WW/view/en/60984587). Siemens recommends applying this patch as soon as possible.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://support.automation.siemens.com/WW/view/en/60984587"
},
{
"category": "mitigation",
"details": "Siemens recommends not using DiagAgent, because it is no longer supported. Users can migrate to the SIMATIC Diagnostics Tool (http://support.automation.siemens.com/WW/view/en/44029135) or the SIMATIC Analyser (http://support.automation.siemens.com/WW/view/en/38645769).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://support.automation.siemens.com/WW/view/en/44029135"
},
{
"category": "mitigation",
"details": "Siemens recommends not using DiagAgent, because it is no longer supported. Users can migrate to the SIMATIC Diagnostics Tool (http://support.automation.siemens.com/WW/view/en/44029135) or the SIMATIC Analyser (http://support.automation.siemens.com/WW/view/en/38645769).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://support.automation.siemens.com/WW/view/en/38645769"
},
{
"category": "mitigation",
"details": "The buffer overflow vulnerability can only be exploited if the user starts the DiagAgent Web server manually. Siemens recommends that users check to ensure that the DiagAgent Web server is disabled and cautions users to only enable this option if and when it is needed.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 4.3,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2012-3003",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Open redirect vulnerability in an unspecified web application in Siemens WinCC 7.0 SP3 before Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a GET request.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released security advisory SSA-223158 (http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"category": "mitigation",
"details": "Siemens has produced an update that resolves all vulnerabilities except the buffer overflow in DiagAgent. The buffer overflow was not fixed, because the vulnerable DiagAgent is turned off by default and is no longer distributed or supported. The update is available in Update 2 for WinCC V7.0 SP3 (http://support.automation.siemens.com/WW/view/en/60984587). Siemens recommends applying this patch as soon as possible.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://support.automation.siemens.com/WW/view/en/60984587"
},
{
"category": "mitigation",
"details": "Siemens recommends not using DiagAgent, because it is no longer supported. Users can migrate to the SIMATIC Diagnostics Tool (http://support.automation.siemens.com/WW/view/en/44029135) or the SIMATIC Analyser (http://support.automation.siemens.com/WW/view/en/38645769).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://support.automation.siemens.com/WW/view/en/44029135"
},
{
"category": "mitigation",
"details": "Siemens recommends not using DiagAgent, because it is no longer supported. Users can migrate to the SIMATIC Diagnostics Tool (http://support.automation.siemens.com/WW/view/en/44029135) or the SIMATIC Analyser (http://support.automation.siemens.com/WW/view/en/38645769).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://support.automation.siemens.com/WW/view/en/38645769"
},
{
"category": "mitigation",
"details": "The buffer overflow vulnerability can only be exploited if the user starts the DiagAgent Web server manually. Siemens recommends that users check to ensure that the DiagAgent Web server is disabled and cautions users to only enable this option if and when it is needed.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 5.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2012-2596",
"cwe": {
"id": "CWE-91",
"name": "XML Injection (aka Blind XPath Injection)"
},
"notes": [
{
"category": "summary",
"text": "The XPath functionality in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 does not properly handle special characters in parameters, which allows remote authenticated users to read or modify settings via a crafted URL, related to an \"XML injection\" attack.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Siemens has released security advisory SSA-223158 (http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-223158.pdf"
},
{
"category": "mitigation",
"details": "Siemens has produced an update that resolves all vulnerabilities except the buffer overflow in DiagAgent. The buffer overflow was not fixed, because the vulnerable DiagAgent is turned off by default and is no longer distributed or supported. The update is available in Update 2 for WinCC V7.0 SP3 (http://support.automation.siemens.com/WW/view/en/60984587). Siemens recommends applying this patch as soon as possible.",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://support.automation.siemens.com/WW/view/en/60984587"
},
{
"category": "mitigation",
"details": "Siemens recommends not using DiagAgent, because it is no longer supported. Users can migrate to the SIMATIC Diagnostics Tool (http://support.automation.siemens.com/WW/view/en/44029135) or the SIMATIC Analyser (http://support.automation.siemens.com/WW/view/en/38645769).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://support.automation.siemens.com/WW/view/en/44029135"
},
{
"category": "mitigation",
"details": "Siemens recommends not using DiagAgent, because it is no longer supported. Users can migrate to the SIMATIC Diagnostics Tool (http://support.automation.siemens.com/WW/view/en/44029135) or the SIMATIC Analyser (http://support.automation.siemens.com/WW/view/en/38645769).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://support.automation.siemens.com/WW/view/en/38645769"
},
{
"category": "mitigation",
"details": "The buffer overflow vulnerability can only be exploited if the user starts the DiagAgent Web server manually. Siemens recommends that users check to ensure that the DiagAgent Web server is disabled and cautions users to only enable this option if and when it is needed.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 5.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.