How to Buy
This script is Copyright (C) 2017 Tenable Network Security, Inc.
An application installed on the remote host is affected by multiple
denial of service vulnerabilities.
The version of Siemens SIMATIC WinCC (TIA Portal) installed on the
remote host is 13.x prior to 13 SP2 (1300.200.1001.1) or 14.x prior to
14 SP1 (1400.100.1201.1). It is, therefore, affected by multiple
denial of service vulnerabilities :
- A denial of service vulnerability exists due to improper
handling of PROFINET DCP broadcast packets. A remote
attacker can exploit this, via a specially crafted
packet, to cause a denial of service condition.
- A denial of service vulnerability exists in the DCOM
interface due to improper handling of specially crafted
messages. An authenticated, remote attacker who is a
member of the 'administrators' group can exploit this,
via a specially crafted message, to cause a denial of
service condition. (CVE-2017-6867)
See also :
Upgrade to Siemens SIMATIC WinCC (TIA Portal) version 13 SP2
(1300.200.1001.1) / 14 SP1 (1400.100.1201.1) or later..
Risk factor :
Medium / CVSS Base Score : 6.8
Nessus Plugin ID: 100299 ()
Bugtraq ID: 9836698368
CVE ID: CVE-2017-6865CVE-2017-6867
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.