Details of VAR-201202-0048

ID

VAR-201202-0048

CVE

CVE-2011-4513

TITLE

plural Siemens Vulnerabilities in products that allow arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2012-001315

DESCRIPTION

Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file, related to the HMI web server and runtime loader. plural Siemens The product includes HMI Web An arbitrary code execution vulnerability exists due to a flaw in processing related to the server and runtime loader.Crafted by attackers project An arbitrary code may be executed via the file. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. Social engineering is required to enable administrators to download files and execute them. SIMATIC Wincc Runtime Advanced is prone to a remote security vulnerability. Vulnerabilities exist in several versions of Siemens SIMATIC WinCC

Trust: 2.7

sources: NVD: CVE-2011-4513 // JVNDB: JVNDB-2012-001315 // CNVD: CNVD-2012-0463 // BID: 78355 // IVD: 28dd62b0-2354-11e6-abef-000c29c66e3d // VULHUB: VHN-52458

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 28dd62b0-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0463

AFFECTED PRODUCTS

vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	mp	Trust: 2.4
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	op	Trust: 2.4
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	tp	Trust: 2.4
vendor:	siemens	model:	wincc flexible	scope:	eq	version:	2008	Trust: 1.9
vendor:	siemens	model:	wincc flexible	scope:	eq	version:	2007	Trust: 1.9
vendor:	siemens	model:	wincc	scope:	eq	version:	v11	Trust: 1.9
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	comfort_panels	Trust: 1.6
vendor:	siemens	model:	wincc runtime advanced	scope:	eq	version:	v11	Trust: 1.6
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	mobile_panels	Trust: 1.6
vendor:	siemens	model:	simatic wincc flexible	scope:	eq	version:	2008	Trust: 1.4
vendor:	siemens	model:	simatic wincc flexible	scope:	eq	version:	2007	Trust: 1.4
vendor:	siemens	model:	simatic wincc flexible	scope:	eq	version:	2005	Trust: 1.4
vendor:	siemens	model:	simatic wincc flexible	scope:	eq	version:	2004	Trust: 1.4
vendor:	siemens	model:	simatic wincc	scope:	eq	version:	v11	Trust: 1.4
vendor:	siemens	model:	wincc flexible	scope:	eq	version:	2005	Trust: 1.3
vendor:	siemens	model:	wincc flexible	scope:	eq	version:	2004	Trust: 1.3
vendor:	siemens	model:	simatic wincc runtime advanced	scope:	eq	version:	v11	Trust: 1.1
vendor:	siemens	model:	wincc flexible runtime	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	comfort panels	Trust: 0.8
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	mobile panels	Trust: 0.8
vendor:	siemens	model:	simatic wincc flexible rumtime	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic wincc flexible runtime	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic wincc runtime advanced	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic hmi panels	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic wincc	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	wincc flexible runtime	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	wincc flexible runtime	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic hmi panels tp	scope:	-	version:	-	Trust: 0.3
vendor:	siemens	model:	simatic hmi panels op	scope:	-	version:	-	Trust: 0.3
vendor:	siemens	model:	simatic hmi panels mp	scope:	-	version:	-	Trust: 0.3
vendor:	siemens	model:	simatic hmi panels mobile panels	scope:	-	version:	-	Trust: 0.3
vendor:	siemens	model:	simatic hmi panels comfort panels	scope:	-	version:	-	Trust: 0.3
vendor:	wincc flexible	model:	-	scope:	eq	version:	2004	Trust: 0.2
vendor:	wincc flexible	model:	-	scope:	eq	version:	2005	Trust: 0.2
vendor:	wincc flexible	model:	-	scope:	eq	version:	2007	Trust: 0.2
vendor:	wincc flexible	model:	-	scope:	eq	version:	2008	Trust: 0.2
vendor:	wincc	model:	-	scope:	eq	version:	v11	Trust: 0.2
vendor:	simatic hmi panels	model:	comfort panels	scope:	-	version:	-	Trust: 0.2
vendor:	simatic hmi panels	model:	mobile panels	scope:	-	version:	-	Trust: 0.2
vendor:	simatic hmi panels	model:	mp	scope:	-	version:	-	Trust: 0.2
vendor:	simatic hmi panels	model:	op	scope:	-	version:	-	Trust: 0.2
vendor:	simatic hmi panels	model:	tp	scope:	-	version:	-	Trust: 0.2
vendor:	wincc runtime advanced	model:	-	scope:	eq	version:	v11	Trust: 0.2
vendor:	wincc flexible runtime	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 28dd62b0-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0463 // BID: 78355 // JVNDB: JVNDB-2012-001315 // CNNVD: CNNVD-201202-088 // NVD: CVE-2011-4513

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-4513
value:	HIGH
Trust: 1.0
NVD:	CVE-2011-4513
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201202-088
value:	CRITICAL
Trust: 0.6
IVD:	28dd62b0-2354-11e6-abef-000c29c66e3d
value:	CRITICAL
Trust: 0.2
VULHUB:	VHN-52458
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2011-4513
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
IVD:	28dd62b0-2354-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-52458
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: 28dd62b0-2354-11e6-abef-000c29c66e3d // VULHUB: VHN-52458 // JVNDB: JVNDB-2012-001315 // CNNVD: CNNVD-201202-088 // NVD: CVE-2011-4513

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2011-4513

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201202-088

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201202-088

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-001315

PATCH

title:	SSA-345442	url:	http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf	Trust: 0.8
title:	ソリューションパートナー	url:	http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx	Trust: 0.8
title:	Top Page	url:	http://www.siemens.com/entry/jp/ja/	Trust: 0.8
title:	Patch for Siemens SIMATIC WinCC HMI Vulnerability (CNVD-2012-0463)	url:	https://www.cnvd.org.cn/patchInfo/show/9061	Trust: 0.6

sources: CNVD: CNVD-2012-0463 // JVNDB: JVNDB-2012-001315

EXTERNAL IDS

db:	NVD	id:	CVE-2011-4513	Trust: 3.6
db:	ICS CERT	id:	ICSA-12-030-01	Trust: 3.4
db:	SIEMENS	id:	SSA-345442	Trust: 2.0
db:	CNVD	id:	CNVD-2012-0463	Trust: 0.8
db:	CNNVD	id:	CNNVD-201202-088	Trust: 0.8
db:	JVNDB	id:	JVNDB-2012-001315	Trust: 0.8
db:	BID	id:	78355	Trust: 0.4
db:	IVD	id:	28DD62B0-2354-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULHUB	id:	VHN-52458	Trust: 0.1

sources: IVD: 28dd62b0-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0463 // VULHUB: VHN-52458 // BID: 78355 // JVNDB: JVNDB-2012-001315 // CNNVD: CNNVD-201202-088 // NVD: CVE-2011-4513

REFERENCES

url:	http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf	Trust: 3.4
url:	http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf	Trust: 2.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4513	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4513	Trust: 0.8

sources: CNVD: CNVD-2012-0463 // VULHUB: VHN-52458 // BID: 78355 // JVNDB: JVNDB-2012-001315 // CNNVD: CNNVD-201202-088 // NVD: CVE-2011-4513

CREDITS

Unknown

Trust: 0.3

sources: BID: 78355

SOURCES

db:	IVD	id:	28dd62b0-2354-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2012-0463
db:	VULHUB	id:	VHN-52458
db:	BID	id:	78355
db:	JVNDB	id:	JVNDB-2012-001315
db:	CNNVD	id:	CNNVD-201202-088
db:	NVD	id:	CVE-2011-4513

LAST UPDATE DATE

2024-08-14T13:36:42.018000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2012-0463	date:	2012-02-07T00:00:00
db:	VULHUB	id:	VHN-52458	date:	2012-02-06T00:00:00
db:	BID	id:	78355	date:	2012-02-03T00:00:00
db:	JVNDB	id:	JVNDB-2012-001315	date:	2012-02-08T00:00:00
db:	CNNVD	id:	CNNVD-201202-088	date:	2012-02-13T00:00:00
db:	NVD	id:	CVE-2011-4513	date:	2012-02-06T05:00:00

SOURCES RELEASE DATE

db:	IVD	id:	28dd62b0-2354-11e6-abef-000c29c66e3d	date:	2012-02-07T00:00:00
db:	CNVD	id:	CNVD-2012-0463	date:	2012-02-07T00:00:00
db:	VULHUB	id:	VHN-52458	date:	2012-02-03T00:00:00
db:	BID	id:	78355	date:	2012-02-03T00:00:00
db:	JVNDB	id:	JVNDB-2012-001315	date:	2012-02-08T00:00:00
db:	CNNVD	id:	CNNVD-201202-088	date:	2012-02-07T00:00:00
db:	NVD	id:	CVE-2011-4513	date:	2012-02-03T20:55:01.513