Siemens SIMATIC TIA Portal 13.x < 13 Upd6 Remote Code Execution

critical Nessus Plugin ID 81299

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

The remote host has a version of Siemens SIMATIC TIA Portal installed that is 13.x prior to 13 update 6 (1300.6.201.1). It is, therefore, affected by an unspecified flaw in the WinCC component that allows an unauthenticated, remote attacker to execute arbitrary code or extract arbitrary files via specially crafted packets sent to the WinCC server.

Solution

Upgrade to Siemens SIMATIC TIA Portal version 13 Upd6 (1300.6.201.1) or later.

See Also

http://www.nessus.org/u?5f1f16df

Plugin Details

Severity: Critical

ID: 81299

File Name: scada_siemens_tia_wincc_rce.nbin

Version: 1.101

Type: local

Agent: windows

Family: SCADA

Published: 2/11/2015

Updated: 3/19/2024

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2014-8551

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:siemens:simatic_tiaportal

Required KB Items: installed_sw/Siemens Totally Integrated Automation Portal

Exploit Ease: No known exploits are available

Patch Publication Date: 11/21/2014

Vulnerability Publication Date: 11/21/2014

Reference Information

CVE: CVE-2014-8551, CVE-2014-8552

ICSA: 14-329-02C