Details of VAR-201402-0261

ID

VAR-201402-0261

CVE

CVE-2014-1697

TITLE

Siemens SIMATIC WinCC OA Integration Web Vulnerability in arbitrary code execution on server

Trust: 0.8

sources: JVNDB: JVNDB-2014-001340

DESCRIPTION

The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via crafted packets to TCP port 4999. Based on the Windows platform, Siemens SIMATIC WinCC provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to multi-user systems supporting redundant servers and remote web client solutions. SIEMENS SIMATIC WinCC Open Architecture has an unknown arbitrary code execution vulnerability that could allow a remote attacker to execute arbitrary code in the context of an affected application, possibly resulting in a denial of service attack. SIEMENS SIMATIC WinCC Open Architecture is prone to an unspecified arbitrary code-execution vulnerability. Failed exploit attempts may result in a denial-of-service condition. SIEMENS SIMATIC WinCC OA prior to 3.12 P002 are vulnerable. The system is mainly applicable to industries such as rail transit, building automation and public power supply

Trust: 2.7

sources: NVD: CVE-2014-1697 // JVNDB: JVNDB-2014-001340 // CNVD: CNVD-2014-00738 // BID: 65351 // IVD: 3b6b57f4-2352-11e6-abef-000c29c66e3d // VULHUB: VHN-69636

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 3b6b57f4-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-00738

AFFECTED PRODUCTS

vendor:	siemens	model:	simatic wincc open architecture	scope:	lte	version:	3.12	Trust: 1.0
vendor:	siemens	model:	simatic wincc oa	scope:	lt	version:	3.12 p002 january	Trust: 0.8
vendor:	siemens	model:	simatic wincc open architecture	scope:	lt	version:	3.12	Trust: 0.6
vendor:	siemens	model:	simatic wincc open architecture	scope:	eq	version:	3.12	Trust: 0.6
vendor:	siemens	model:	simatic wincc oa	scope:	eq	version:	3.12	Trust: 0.3
vendor:	siemens	model:	simatic wincc oa p002	scope:	ne	version:	3.12	Trust: 0.3
vendor:	simatic wincc open architecture	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: 3b6b57f4-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-00738 // BID: 65351 // JVNDB: JVNDB-2014-001340 // CNNVD: CNNVD-201402-087 // NVD: CVE-2014-1697

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-1697
value:	HIGH
Trust: 1.0
NVD:	CVE-2014-1697
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2014-00738
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201402-087
value:	HIGH
Trust: 0.6
IVD:	3b6b57f4-2352-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2
VULHUB:	VHN-69636
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2014-1697
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2014-00738
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	3b6b57f4-2352-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-69636
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: 3b6b57f4-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-00738 // VULHUB: VHN-69636 // JVNDB: JVNDB-2014-001340 // CNNVD: CNNVD-201402-087 // NVD: CVE-2014-1697

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2014-1697

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201402-087

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201402-087

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-001340

PATCH

title:	SSA-342587	url:	http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf	Trust: 0.8
title:	SIEMENS SIMATIC WinCC Open Architecture has patches for unknown code execution vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/43371	Trust: 0.6

sources: CNVD: CNVD-2014-00738 // JVNDB: JVNDB-2014-001340

EXTERNAL IDS

db:	NVD	id:	CVE-2014-1697	Trust: 3.6
db:	ICS CERT	id:	ICSA-14-035-01	Trust: 2.5
db:	BID	id:	65351	Trust: 2.0
db:	SIEMENS	id:	SSA-342587	Trust: 2.0
db:	OSVDB	id:	102810	Trust: 1.1
db:	SECUNIA	id:	56651	Trust: 1.1
db:	CNNVD	id:	CNNVD-201402-087	Trust: 0.9
db:	CNVD	id:	CNVD-2014-00738	Trust: 0.8
db:	JVNDB	id:	JVNDB-2014-001340	Trust: 0.8
db:	IVD	id:	3B6B57F4-2352-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	SEEBUG	id:	SSVID-61485	Trust: 0.1
db:	VULHUB	id:	VHN-69636	Trust: 0.1

sources: IVD: 3b6b57f4-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2014-00738 // VULHUB: VHN-69636 // BID: 65351 // JVNDB: JVNDB-2014-001340 // CNNVD: CNNVD-201402-087 // NVD: CVE-2014-1697

REFERENCES

url:	http://ics-cert.us-cert.gov/advisories/icsa-14-035-01	Trust: 2.5
url:	http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf	Trust: 2.0
url:	http://www.securityfocus.com/bid/65351	Trust: 1.7
url:	http://osvdb.org/102810	Trust: 1.1
url:	http://secunia.com/advisories/56651	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/90933	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1697	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-1697	Trust: 0.8
url:	http://subscriber.communications.siemens.com/	Trust: 0.3

sources: CNVD: CNVD-2014-00738 // VULHUB: VHN-69636 // BID: 65351 // JVNDB: JVNDB-2014-001340 // CNNVD: CNNVD-201402-087 // NVD: CVE-2014-1697

CREDITS

Gleb Gritsai, Ilya Karpov and Kirill Nesterov

Trust: 0.3

sources: BID: 65351

SOURCES

db:	IVD	id:	3b6b57f4-2352-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2014-00738
db:	VULHUB	id:	VHN-69636
db:	BID	id:	65351
db:	JVNDB	id:	JVNDB-2014-001340
db:	CNNVD	id:	CNNVD-201402-087
db:	NVD	id:	CVE-2014-1697

LAST UPDATE DATE

2024-08-14T14:46:48.458000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-00738	date:	2014-02-13T00:00:00
db:	VULHUB	id:	VHN-69636	date:	2017-08-29T00:00:00
db:	BID	id:	65351	date:	2014-02-04T00:00:00
db:	JVNDB	id:	JVNDB-2014-001340	date:	2014-02-10T00:00:00
db:	CNNVD	id:	CNNVD-201402-087	date:	2014-02-12T00:00:00
db:	NVD	id:	CVE-2014-1697	date:	2017-08-29T01:34:27.513

SOURCES RELEASE DATE

db:	IVD	id:	3b6b57f4-2352-11e6-abef-000c29c66e3d	date:	2014-02-13T00:00:00
db:	CNVD	id:	CNVD-2014-00738	date:	2014-02-12T00:00:00
db:	VULHUB	id:	VHN-69636	date:	2014-02-07T00:00:00
db:	BID	id:	65351	date:	2014-02-04T00:00:00
db:	JVNDB	id:	JVNDB-2014-001340	date:	2014-02-10T00:00:00
db:	CNNVD	id:	CNNVD-201402-087	date:	2014-02-12T00:00:00
db:	NVD	id:	CVE-2014-1697	date:	2014-02-07T04:52:04.410