Sign-up

ID

VAR-201303-0257


CVE

CVE-2013-0675


TITLE

Siemens WinCC CCEServer Buffer Overflow Vulnerability

Trust: 1.4

sources: IVD: 08df6392-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-02147 // CNNVD: CNNVD-201303-443

DESCRIPTION

Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a denial of service via a crafted packet. A buffer overflow vulnerability exists in CCEServer in versions of Siemens WinCC prior to 7.2 used in SIMATIC PCS7. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC PCS is a process control system. Siemens SIMATIC WinCC 7.2, Siemens SIMATIC PCS 7 8.0 SP1 versions have information disclosure, directory traversal, buffer overflow security vulnerabilities, which can be exploited by attackers to obtain sensitive information, any system files, and execute arbitrary applications in the context of applications using ActiveX controls. Code. Multiple information-disclosure vulnerabilities 2. A directory-traversal vulnerability 3. Failed exploit attempts will result in a denial-of-service conditions

Trust: 3.24

sources: NVD: CVE-2013-0675 // JVNDB: JVNDB-2013-001988 // CNVD: CNVD-2013-02147 // CNVD: CNVD-2013-02175 // BID: 58545 // IVD: 08df6392-2353-11e6-abef-000c29c66e3d // VULHUB: VHN-60677

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.4

sources: IVD: 08df6392-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-02147 // CNVD: CNVD-2013-02175

AFFECTED PRODUCTS

vendor:siemensmodel:winccscope:eqversion:6.0

Trust: 1.6

vendor:siemensmodel:simatic pcs7scope:eqversion:7.1

Trust: 1.6

vendor:siemensmodel:winccscope:eqversion:7.0

Trust: 1.6

vendor:siemensmodel:winccscope:eqversion:5.0

Trust: 1.6

vendor:siemensmodel:simatic winccscope:ltversion:7.2

Trust: 1.4

vendor:siemensmodel:simatic pcs7scope:lteversion:8.0

Trust: 1.0

vendor:siemensmodel:winccscope:lteversion:7.1

Trust: 1.0

vendor:winccmodel: - scope:eqversion:6.0

Trust: 0.8

vendor:winccmodel: - scope:eqversion:7.0

Trust: 0.8

vendor:siemensmodel:simatic pcs 7scope:ltversion:8.0 sp1

Trust: 0.8

vendor:siemensmodel:winccscope:ltversion:7.2

Trust: 0.6

vendor:siemensmodel:simatic pcs sp1scope:eqversion:7<8.0

Trust: 0.6

vendor:siemensmodel:simatic pcs7scope:eqversion:8.0

Trust: 0.6

vendor:winccmodel: - scope:eqversion:5.0

Trust: 0.4

vendor:simatic pcs7model: - scope:eqversion:7.1

Trust: 0.2

vendor:simatic pcs7model: - scope:eqversion:*

Trust: 0.2

vendor:winccmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: 08df6392-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-02147 // CNVD: CNVD-2013-02175 // JVNDB: JVNDB-2013-001988 // CNNVD: CNNVD-201303-443 // NVD: CVE-2013-0675

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-0675
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-0675
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2013-02147
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2013-02175
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201303-443
value: MEDIUM

Trust: 0.6

IVD: 08df6392-2353-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULHUB: VHN-60677
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-0675
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2013-02147
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

CNVD: CNVD-2013-02175
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 08df6392-2353-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-60677
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 08df6392-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-02147 // CNVD: CNVD-2013-02175 // VULHUB: VHN-60677 // JVNDB: JVNDB-2013-001988 // CNNVD: CNNVD-201303-443 // NVD: CVE-2013-0675

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-60677 // JVNDB: JVNDB-2013-001988 // NVD: CVE-2013-0675

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 120899 // CNNVD: CNNVD-201303-363

TYPE

Buffer overflow

Trust: 0.8

sources: IVD: 08df6392-2353-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201303-443

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-001988

PATCH
title:Top Pageurl:http://www.siemens.com/entry/cc/en/
Trust: 0.8
title:SSA-714398: Vulnerabilities in WinCC 7.0 SP3 Update 1url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf
Trust: 0.8
title:シーメンスソリューションパートナーurl:http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx
Trust: 0.8
title:シーメンス・ジャパン株式会社url:http://www.siemens.com/answers/jp/ja/
Trust: 0.8
title:Patch for Siemens WinCC CCEServer Buffer Overflow Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/33000
Trust: 0.6
title:Siemens SIMATIC WinCC and PCS 7 have patches for multiple vulnerabilities such as information leakage, directory traversal, buffer overflows, etc.url:https://www.cnvd.org.cn/patchInfo/show/33002
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2013-02147 // 
            
            
            
            CNVD: CNVD-2013-02175 // 
            
            
            
            JVNDB: JVNDB-2013-001988

EXTERNAL IDS
db:NVDid:CVE-2013-0675
Trust: 3.7
db:ICS CERTid:ICSA-13-079-02
Trust: 2.8
db:SIEMENSid:SSA-714398
Trust: 2.0
db:BIDid:58545
Trust: 1.5
db:CNNVDid:CNNVD-201303-443
Trust: 0.9
db:CNVDid:CNVD-2013-02147
Trust: 0.8
db:JVNDBid:JVNDB-2013-001988
Trust: 0.8
db:CNVDid:CNVD-2013-02175
Trust: 0.6
db:CNNVDid:CNNVD-201303-363
Trust: 0.6
db:IVDid:08DF6392-2353-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:VULHUBid:VHN-60677
Trust: 0.1
db:PACKETSTORMid:120899
Trust: 0.1
sources:
            
            
            IVD: 08df6392-2353-11e6-abef-000c29c66e3d // 
            
            
            
            CNVD: CNVD-2013-02147 // 
            
            
            
            CNVD: CNVD-2013-02175 // 
            
            
            
            VULHUB: VHN-60677 // 
            
            
            
            BID: 58545 // 
            
            
            
            JVNDB: JVNDB-2013-001988 // 
            
            
            
            PACKETSTORM: 120899 // 
            
            
            
            CNNVD: CNNVD-201303-363 // 
            
            
            
            CNNVD: CNNVD-201303-443 // 
            
            
            
            NVD: CVE-2013-0675

REFERENCES
url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf
Trust: 2.0
url:http://ics-cert.us-cert.gov/pdf/icsa-13-079-02.pdf
Trust: 2.0
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0675
Trust: 1.4
url:http://www.securityfocus.com/bid/58545
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0675
Trust: 0.8
url:http://ics-cert.us-cert.gov/pdf/icsa-13-079-02-a.pdf
Trust: 0.8
url:http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/scada/simatic-wincc/pages/default.aspx
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2013-0677
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2013-0674
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2013-0678
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2013-0676
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2013-0679
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2013-0675
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2013-02147 // 
            
            
            
            CNVD: CNVD-2013-02175 // 
            
            
            
            VULHUB: VHN-60677 // 
            
            
            
            BID: 58545 // 
            
            
            
            JVNDB: JVNDB-2013-001988 // 
            
            
            
            PACKETSTORM: 120899 // 
            
            
            
            CNNVD: CNNVD-201303-363 // 
            
            
            
            CNNVD: CNNVD-201303-443 // 
            
            
            
            NVD: CVE-2013-0675

CREDITS
Vendor, Gleb Gritsai and Sergey Gordeychik from Positive Technologies
Trust: 0.9
sources:
            
            
            BID: 58545 // 
            
            
            
            CNNVD: CNNVD-201303-363

SOURCES
db:IVDid:08df6392-2353-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2013-02147
db:CNVDid:CNVD-2013-02175
db:VULHUBid:VHN-60677
db:BIDid:58545
db:JVNDBid:JVNDB-2013-001988
db:PACKETSTORMid:120899
db:CNNVDid:CNNVD-201303-363
db:CNNVDid:CNNVD-201303-443
db:NVDid:CVE-2013-0675

LAST UPDATE DATE
2024-08-14T14:06:52.493000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2013-02147date:2013-03-26T00:00:00
db:CNVDid:CNVD-2013-02175date:2013-03-26T00:00:00
db:VULHUBid:VHN-60677date:2013-03-22T00:00:00
db:BIDid:58545date:2013-04-02T15:37:00
db:JVNDBid:JVNDB-2013-001988date:2013-03-25T00:00:00
db:CNNVDid:CNNVD-201303-363date:2013-03-19T00:00:00
db:CNNVDid:CNNVD-201303-443date:2013-03-25T00:00:00
db:NVDid:CVE-2013-0675date:2013-03-22T13:52:30.073

SOURCES RELEASE DATE
db:IVDid:08df6392-2353-11e6-abef-000c29c66e3ddate:2013-03-26T00:00:00
db:CNVDid:CNVD-2013-02147date:2013-03-26T00:00:00
db:CNVDid:CNVD-2013-02175date:2013-03-26T00:00:00
db:VULHUBid:VHN-60677date:2013-03-21T00:00:00
db:BIDid:58545date:2013-03-15T00:00:00
db:JVNDBid:JVNDB-2013-001988date:2013-03-25T00:00:00
db:PACKETSTORMid:120899date:2013-03-21T15:07:17
db:CNNVDid:CNNVD-201303-363date:2013-03-19T00:00:00
db:CNNVDid:CNNVD-201303-443date:2013-03-22T00:00:00
db:NVDid:CVE-2013-0675date:2013-03-21T15:55:01.553