ID

VAR-201402-0261


CVE

CVE-2014-1697


TITLE

Siemens SIMATIC WinCC OA Integration Web Vulnerability in arbitrary code execution on server

Trust: 0.8

sources: JVNDB: JVNDB-2014-001340

DESCRIPTION

The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via crafted packets to TCP port 4999. Based on the Windows platform, Siemens SIMATIC WinCC provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to multi-user systems supporting redundant servers and remote web client solutions. SIEMENS SIMATIC WinCC Open Architecture has an unknown arbitrary code execution vulnerability that could allow a remote attacker to execute arbitrary code in the context of an affected application, possibly resulting in a denial of service attack. SIEMENS SIMATIC WinCC Open Architecture is prone to an unspecified arbitrary code-execution vulnerability. Failed exploit attempts may result in a denial-of-service condition. SIEMENS SIMATIC WinCC OA prior to 3.12 P002 are vulnerable. The system is mainly applicable to industries such as rail transit, building automation and public power supply

Trust: 2.7

sources: NVD: CVE-2014-1697 // JVNDB: JVNDB-2014-001340 // CNVD: CNVD-2014-00738 // BID: 65351 // IVD: 3b6b57f4-2352-11e6-abef-000c29c66e3d // VULHUB: VHN-69636

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 3b6b57f4-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-00738

AFFECTED PRODUCTS

vendor:siemensmodel:simatic wincc open architecturescope:lteversion:3.12

Trust: 1.0

vendor:siemensmodel:simatic wincc oascope:ltversion:3.12 p002 january

Trust: 0.8

vendor:siemensmodel:simatic wincc open architecturescope:ltversion:3.12

Trust: 0.6

vendor:siemensmodel:simatic wincc open architecturescope:eqversion:3.12

Trust: 0.6

vendor:siemensmodel:simatic wincc oascope:eqversion:3.12

Trust: 0.3

vendor:siemensmodel:simatic wincc oa p002scope:neversion:3.12

Trust: 0.3

vendor:simatic wincc open architecturemodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: 3b6b57f4-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-00738 // BID: 65351 // JVNDB: JVNDB-2014-001340 // CNNVD: CNNVD-201402-087 // NVD: CVE-2014-1697

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-1697
value: HIGH

Trust: 1.0

NVD: CVE-2014-1697
value: HIGH

Trust: 0.8

CNVD: CNVD-2014-00738
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201402-087
value: HIGH

Trust: 0.6

IVD: 3b6b57f4-2352-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

VULHUB: VHN-69636
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-1697
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-00738
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 3b6b57f4-2352-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-69636
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 3b6b57f4-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-00738 // VULHUB: VHN-69636 // JVNDB: JVNDB-2014-001340 // CNNVD: CNNVD-201402-087 // NVD: CVE-2014-1697

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2014-1697

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201402-087

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201402-087

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-001340

PATCH

title:SSA-342587url:http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf

Trust: 0.8

title:SIEMENS SIMATIC WinCC Open Architecture has patches for unknown code execution vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/43371

Trust: 0.6

sources: CNVD: CNVD-2014-00738 // JVNDB: JVNDB-2014-001340

EXTERNAL IDS

db:NVDid:CVE-2014-1697

Trust: 3.6

db:ICS CERTid:ICSA-14-035-01

Trust: 2.5

db:BIDid:65351

Trust: 2.0

db:SIEMENSid:SSA-342587

Trust: 2.0

db:OSVDBid:102810

Trust: 1.1

db:SECUNIAid:56651

Trust: 1.1

db:CNNVDid:CNNVD-201402-087

Trust: 0.9

db:CNVDid:CNVD-2014-00738

Trust: 0.8

db:JVNDBid:JVNDB-2014-001340

Trust: 0.8

db:IVDid:3B6B57F4-2352-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:SEEBUGid:SSVID-61485

Trust: 0.1

db:VULHUBid:VHN-69636

Trust: 0.1

sources: IVD: 3b6b57f4-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-00738 // VULHUB: VHN-69636 // BID: 65351 // JVNDB: JVNDB-2014-001340 // CNNVD: CNNVD-201402-087 // NVD: CVE-2014-1697

REFERENCES

url:http://ics-cert.us-cert.gov/advisories/icsa-14-035-01

Trust: 2.5

url:http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf

Trust: 2.0

url:http://www.securityfocus.com/bid/65351

Trust: 1.7

url:http://osvdb.org/102810

Trust: 1.1

url:http://secunia.com/advisories/56651

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/90933

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1697

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-1697

Trust: 0.8

url:http://subscriber.communications.siemens.com/

Trust: 0.3

sources: CNVD: CNVD-2014-00738 // VULHUB: VHN-69636 // BID: 65351 // JVNDB: JVNDB-2014-001340 // CNNVD: CNNVD-201402-087 // NVD: CVE-2014-1697

CREDITS

Gleb Gritsai, Ilya Karpov and Kirill Nesterov

Trust: 0.3

sources: BID: 65351

SOURCES

db:IVDid:3b6b57f4-2352-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2014-00738
db:VULHUBid:VHN-69636
db:BIDid:65351
db:JVNDBid:JVNDB-2014-001340
db:CNNVDid:CNNVD-201402-087
db:NVDid:CVE-2014-1697

LAST UPDATE DATE

2024-08-14T14:46:48.458000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2014-00738date:2014-02-13T00:00:00
db:VULHUBid:VHN-69636date:2017-08-29T00:00:00
db:BIDid:65351date:2014-02-04T00:00:00
db:JVNDBid:JVNDB-2014-001340date:2014-02-10T00:00:00
db:CNNVDid:CNNVD-201402-087date:2014-02-12T00:00:00
db:NVDid:CVE-2014-1697date:2017-08-29T01:34:27.513

SOURCES RELEASE DATE

db:IVDid:3b6b57f4-2352-11e6-abef-000c29c66e3ddate:2014-02-13T00:00:00
db:CNVDid:CNVD-2014-00738date:2014-02-12T00:00:00
db:VULHUBid:VHN-69636date:2014-02-07T00:00:00
db:BIDid:65351date:2014-02-04T00:00:00
db:JVNDBid:JVNDB-2014-001340date:2014-02-10T00:00:00
db:CNNVDid:CNNVD-201402-087date:2014-02-12T00:00:00
db:NVDid:CVE-2014-1697date:2014-02-07T04:52:04.410