Siemens SIMATIC WinCC (TIA Portal) < 15 Update 4 Multiple Vulnerabilities (SSA-233109)
Medium Nessus Plugin ID 125392
Synopsis
An application installed on the remote host is affected by multiple vulnerabilities.
Description
The version of Siemens SIMATIC WinCC (TIA Portal) installed on the remote Windows host is prior to version 15 update 4.
It is, therefore, affected by the following vulnerabilities:
- An unspecified directory traversal vulnerability exists. An unauthenticated, remote attacker can exploit this, by sending a URI that contains directory traversal characters, to disclose the contents of files located outside of the server's restricted path. (CVE-2018-13812)
- A URL redirection vulnerability exists in the webserver of HMI devices. A remote attacker can exploit this by tricking a user into visiting a specially crafted web page, allowing the attacker to disclose sensitive information. (CVE-2018-13813)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Siemens SIMATIC WinCC (TIA Portal) version 15 update 4 or later.