Sign-up

ID

VAR-201308-0267


CVE

CVE-2013-4912


TITLE

Siemens SIMATIC WinCC TIA Portal URL Redirection Vulnerability

Trust: 0.8

sources: IVD: ce6aff78-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-11281

DESCRIPTION

Open redirect vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks by leveraging improper configuration of SIMATIC HMI panels by the WinCC product. Based on the Windows platform, Siemens SIMATIC WinCC provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to multi-user systems supporting redundant servers and remote web client solutions. Siemens SIMATIC WinCC TIA Portal is prone to a remote URL-redirection vulnerability. An attacker can leverage this issue by constructing a URI that includes a malicious site redirection. When an unsuspecting victim follows the URI, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Siemens SIMATIC WinCC TIA Portal prior to 12SP1 are vulnerable. The software enables fast and intuitive development and commissioning of automation systems

Trust: 2.7

sources: NVD: CVE-2013-4912 // JVNDB: JVNDB-2013-003627 // CNVD: CNVD-2013-11281 // BID: 61535 // IVD: ce6aff78-2352-11e6-abef-000c29c66e3d // VULHUB: VHN-64914

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: ce6aff78-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-11281

AFFECTED PRODUCTS

vendor:siemensmodel:winccscope:eqversion:11.0

Trust: 1.6

vendor:siemensmodel:winccscope:eqversion:12.0

Trust: 1.6

vendor:siemensmodel:simatic winccscope:eqversion:11

Trust: 0.8

vendor:siemensmodel:simatic winccscope:ltversion:12

Trust: 0.8

vendor:siemensmodel:simatic winccscope:eqversion:12 sp1

Trust: 0.8

vendor:winccmodel: - scope:eqversion:11.0

Trust: 0.6

vendor:siemensmodel:simatic wincc tia portalscope:eqversion:12.x

Trust: 0.6

vendor:winccmodel: - scope:eqversion:12.0

Trust: 0.2

sources: IVD: ce6aff78-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-11281 // JVNDB: JVNDB-2013-003627 // CNNVD: CNNVD-201307-680 // NVD: CVE-2013-4912

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-4912
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-4912
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2013-11281
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201307-680
value: MEDIUM

Trust: 0.6

IVD: ce6aff78-2352-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULHUB: VHN-64914
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-4912
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2013-11281
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: ce6aff78-2352-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-64914
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: ce6aff78-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-11281 // VULHUB: VHN-64914 // JVNDB: JVNDB-2013-003627 // CNNVD: CNNVD-201307-680 // NVD: CVE-2013-4912

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-64914 // JVNDB: JVNDB-2013-003627 // NVD: CVE-2013-4912

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201307-680

TYPE

Input validation

Trust: 0.8

sources: IVD: ce6aff78-2352-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201307-680

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-003627

PATCH
title:SSA-064884url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-064884.pdf
Trust: 0.8
title:Patch for Siemens SIMATIC WinCC TIA Portal URL Redirection Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/37987
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2013-11281 // 
            
            
            
            JVNDB: JVNDB-2013-003627

EXTERNAL IDS
db:NVDid:CVE-2013-4912
Trust: 3.7
db:BIDid:61535
Trust: 2.6
db:SIEMENSid:SSA-064884
Trust: 2.3
db:ICS CERTid:ICSA-13-213-02
Trust: 1.9
db:SECUNIAid:54051
Trust: 1.7
db:SECUNIAid:54252
Trust: 1.1
db:CNNVDid:CNNVD-201307-680
Trust: 0.9
db:CNVDid:CNVD-2013-11281
Trust: 0.8
db:JVNDBid:JVNDB-2013-003627
Trust: 0.8
db:IVDid:CE6AFF78-2352-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:VULHUBid:VHN-64914
Trust: 0.1
db:PACKETSTORMid:122647
Trust: 0.1
sources:
            
            
            IVD: ce6aff78-2352-11e6-abef-000c29c66e3d // 
            
            
            
            CNVD: CNVD-2013-11281 // 
            
            
            
            VULHUB: VHN-64914 // 
            
            
            
            BID: 61535 // 
            
            
            
            JVNDB: JVNDB-2013-003627 // 
            
            
            
            PACKETSTORM: 122647 // 
            
            
            
            CNNVD: CNNVD-201307-680 // 
            
            
            
            NVD: CVE-2013-4912

REFERENCES
url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-064884.pdf
Trust: 2.3
url:https://ics-cert.us-cert.gov/advisories/icsa-13-213-02
Trust: 1.9
url:http://www.securityfocus.com/bid/61535
Trust: 1.7
url:http://scadastrangelove.blogspot.com/2013/08/ssa-064884-wincctia-portal-fixes.html
Trust: 1.1
url:http://secunia.com/advisories/54051
Trust: 1.1
url:http://secunia.com/advisories/54252
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/86100
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4912
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4912
Trust: 0.8
url:http://www.secunia.com/advisories/54051/
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2013-4911
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2013-4912
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2013-11281 // 
            
            
            
            VULHUB: VHN-64914 // 
            
            
            
            JVNDB: JVNDB-2013-003627 // 
            
            
            
            PACKETSTORM: 122647 // 
            
            
            
            CNNVD: CNNVD-201307-680 // 
            
            
            
            NVD: CVE-2013-4912

CREDITS
Timur Yunusov and Sergey Bobrov from Positive Technologies
Trust: 0.9
sources:
            
            
            BID: 61535 // 
            
            
            
            CNNVD: CNNVD-201307-680

SOURCES
db:IVDid:ce6aff78-2352-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2013-11281
db:VULHUBid:VHN-64914
db:BIDid:61535
db:JVNDBid:JVNDB-2013-003627
db:PACKETSTORMid:122647
db:CNNVDid:CNNVD-201307-680
db:NVDid:CVE-2013-4912

LAST UPDATE DATE
2024-08-14T15:19:16.868000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2013-11281date:2013-08-05T00:00:00
db:VULHUBid:VHN-64914date:2017-08-29T00:00:00
db:BIDid:61535date:2013-08-01T17:55:00
db:JVNDBid:JVNDB-2013-003627date:2013-08-05T00:00:00
db:CNNVDid:CNNVD-201307-680date:2013-08-06T00:00:00
db:NVDid:CVE-2013-4912date:2017-08-29T01:33:41.247

SOURCES RELEASE DATE
db:IVDid:ce6aff78-2352-11e6-abef-000c29c66e3ddate:2013-08-05T00:00:00
db:CNVDid:CNVD-2013-11281date:2013-08-02T00:00:00
db:VULHUBid:VHN-64914date:2013-08-01T00:00:00
db:BIDid:61535date:2013-07-31T00:00:00
db:JVNDBid:JVNDB-2013-003627date:2013-08-05T00:00:00
db:PACKETSTORMid:122647date:2013-08-02T03:07:16
db:CNNVDid:CNNVD-201307-680date:2013-07-31T00:00:00
db:NVDid:CVE-2013-4912date:2013-08-01T13:32:26.127