ID

VAR-201411-0459


CVE

CVE-2014-8551


TITLE

Siemens SIMATIC WinCC/PCS 7 Arbitrary code execution vulnerability

Trust: 1.0

sources: IVD: b4b94e28-2351-11e6-abef-000c29c66e3d // IVD: 5c884bc4-e541-45c1-9c37-0147460766ff // CNVD: CNVD-2014-08593

DESCRIPTION

The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC WinCC, SIMATIC PCS 7 and TIA Portal (Botu) are all industrial automation products of German Siemens (Siemens). SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC; TIA Portal is a software platform that can quickly develop and debug automation systems. WinCC server is an option for it, which can operate multiple operating systems and monitoring stations in the network connected to the automation system. There are security vulnerabilities in the WinCC server of several Siemens products

Trust: 2.7

sources: NVD: CVE-2014-8551 // JVNDB: JVNDB-2014-005644 // CNVD: CNVD-2014-08593 // IVD: b4b94e28-2351-11e6-abef-000c29c66e3d // IVD: 5c884bc4-e541-45c1-9c37-0147460766ff // VULHUB: VHN-76496 // VULMON: CVE-2014-8551

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.0

sources: IVD: b4b94e28-2351-11e6-abef-000c29c66e3d // IVD: 5c884bc4-e541-45c1-9c37-0147460766ff // CNVD: CNVD-2014-08593

AFFECTED PRODUCTS

vendor:simatic winccmodel: - scope:eqversion:7.2

Trust: 3.2

vendor:simatic winccmodel: - scope:eqversion:7.0

Trust: 1.6

vendor:siemensmodel:simatic winccscope:eqversion:7.3

Trust: 1.6

vendor:siemensmodel:simatic tiaportalscope:eqversion:13.0

Trust: 1.6

vendor:siemensmodel:simatic pcs7scope:eqversion:8.1

Trust: 1.6

vendor:siemensmodel:simatic pcs7scope:eqversion:8.0

Trust: 1.6

vendor:siemensmodel:simatic winccscope:eqversion:7.2

Trust: 1.6

vendor:simatic tiaportalmodel: - scope:eqversion:13.0

Trust: 1.2

vendor:siemensmodel:simatic winccscope:eqversion:7.0

Trust: 1.0

vendor:siemensmodel:simatic pcs7scope:eqversion:7.1

Trust: 1.0

vendor:siemensmodel:simatic pcs 7scope:eqversion:7.1

Trust: 1.0

vendor:simatic pcs7model: - scope:eqversion:7.1

Trust: 0.8

vendor:simatic pcs7model: - scope:eqversion:8.0

Trust: 0.8

vendor:siemensmodel:simatic winccscope:eqversion:7.3 update 2

Trust: 0.8

vendor:siemensmodel:simatic winccscope:eqversion:7.2 update 9

Trust: 0.8

vendor:siemensmodel:simatic pcs 7scope:eqversion:7.1 to 7.1 sp4

Trust: 0.8

vendor:siemensmodel:simatic pcs 7scope:eqversion:8.0 to 8.0 sp2

Trust: 0.8

vendor:siemensmodel:totally integrated automation portalscope:ltversion:13

Trust: 0.8

vendor:siemensmodel:simatic winccscope:ltversion:7.3

Trust: 0.8

vendor:siemensmodel:simatic winccscope:ltversion:7.2

Trust: 0.8

vendor:siemensmodel:simatic pcs 7scope:eqversion:8.1

Trust: 0.8

vendor:siemensmodel:simatic winccscope:eqversion:7.0 to 7.0 sp3

Trust: 0.8

vendor:siemensmodel:totally integrated automation portalscope:eqversion:13 update 6

Trust: 0.8

vendor:siemensmodel:wincc 7.0-sp3scope: - version: -

Trust: 0.6

vendor:siemensmodel:wincc (<updatescope:eqversion:7.29)

Trust: 0.6

vendor:siemensmodel:wincc (<updatescope:eqversion:7.32)

Trust: 0.6

vendor:siemensmodel:simatic pcs 7.1-sp4scope:eqversion:7

Trust: 0.6

vendor:siemensmodel:simatic pcs 8.0-sp2scope:eqversion:7

Trust: 0.6

vendor:siemensmodel:simatic pcsscope:eqversion:78.1

Trust: 0.6

vendor:simatic pcs7model: - scope:eqversion:8.1

Trust: 0.4

vendor:simatic pcs 7model: - scope:eqversion:7.1

Trust: 0.4

vendor:simatic winccmodel: - scope:eqversion:7.3

Trust: 0.4

sources: IVD: b4b94e28-2351-11e6-abef-000c29c66e3d // IVD: 5c884bc4-e541-45c1-9c37-0147460766ff // CNVD: CNVD-2014-08593 // JVNDB: JVNDB-2014-005644 // CNNVD: CNNVD-201411-500 // NVD: CVE-2014-8551

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-8551
value: HIGH

Trust: 1.0

NVD: CVE-2014-8551
value: HIGH

Trust: 0.8

CNVD: CNVD-2014-08593
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201411-500
value: CRITICAL

Trust: 0.6

IVD: b4b94e28-2351-11e6-abef-000c29c66e3d
value: CRITICAL

Trust: 0.2

IVD: 5c884bc4-e541-45c1-9c37-0147460766ff
value: CRITICAL

Trust: 0.2

VULHUB: VHN-76496
value: HIGH

Trust: 0.1

VULMON: CVE-2014-8551
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-8551
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2014-08593
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: b4b94e28-2351-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 5c884bc4-e541-45c1-9c37-0147460766ff
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-76496
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: b4b94e28-2351-11e6-abef-000c29c66e3d // IVD: 5c884bc4-e541-45c1-9c37-0147460766ff // CNVD: CNVD-2014-08593 // VULHUB: VHN-76496 // VULMON: CVE-2014-8551 // JVNDB: JVNDB-2014-005644 // CNNVD: CNNVD-201411-500 // NVD: CVE-2014-8551

PROBLEMTYPE DATA

problemtype:CWE-94

Trust: 1.9

sources: VULHUB: VHN-76496 // JVNDB: JVNDB-2014-005644 // NVD: CVE-2014-8551

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201411-500

TYPE

Code injection

Trust: 1.0

sources: IVD: b4b94e28-2351-11e6-abef-000c29c66e3d // IVD: 5c884bc4-e541-45c1-9c37-0147460766ff // CNNVD: CNNVD-201411-500

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-005644

PATCH

title:SSA-134508url:http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf

Trust: 0.8

title:Patch for Siemens SIMATIC WinCC/PCS 7 arbitrary code execution vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/52284

Trust: 0.6

title:Threatposturl:https://threatpost.com/siemens-patches-wincc-vulnerabilities-likely-being-exploited/109631/

Trust: 0.1

sources: CNVD: CNVD-2014-08593 // VULMON: CVE-2014-8551 // JVNDB: JVNDB-2014-005644

EXTERNAL IDS

db:NVDid:CVE-2014-8551

Trust: 3.6

db:SIEMENSid:SSA-134508

Trust: 2.4

db:CNNVDid:CNNVD-201411-500

Trust: 1.1

db:CNVDid:CNVD-2014-08593

Trust: 1.0

db:ICS CERTid:ICSA-14-329-02

Trust: 0.8

db:JVNDBid:JVNDB-2014-005644

Trust: 0.8

db:SECUNIAid:60068

Trust: 0.6

db:IVDid:B4B94E28-2351-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:5C884BC4-E541-45C1-9C37-0147460766FF

Trust: 0.2

db:VULHUBid:VHN-76496

Trust: 0.1

db:ICS CERTid:ICSA-14-329-02D

Trust: 0.1

db:VULMONid:CVE-2014-8551

Trust: 0.1

sources: IVD: b4b94e28-2351-11e6-abef-000c29c66e3d // IVD: 5c884bc4-e541-45c1-9c37-0147460766ff // CNVD: CNVD-2014-08593 // VULHUB: VHN-76496 // VULMON: CVE-2014-8551 // JVNDB: JVNDB-2014-005644 // CNNVD: CNNVD-201411-500 // NVD: CVE-2014-8551

REFERENCES

url:http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf

Trust: 2.4

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8551

Trust: 1.4

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8551

Trust: 0.8

url:https://ics-cert.us-cert.gov/advisories/icsa-14-329-02

Trust: 0.8

url:http://secunia.com/advisories/60068

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/94.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://threatpost.com/siemens-patches-wincc-vulnerabilities-likely-being-exploited/109631/

Trust: 0.1

url:https://ics-cert.us-cert.gov/advisories/icsa-14-329-02d

Trust: 0.1

sources: CNVD: CNVD-2014-08593 // VULHUB: VHN-76496 // VULMON: CVE-2014-8551 // JVNDB: JVNDB-2014-005644 // CNNVD: CNNVD-201411-500 // NVD: CVE-2014-8551

SOURCES

db:IVDid:b4b94e28-2351-11e6-abef-000c29c66e3d
db:IVDid:5c884bc4-e541-45c1-9c37-0147460766ff
db:CNVDid:CNVD-2014-08593
db:VULHUBid:VHN-76496
db:VULMONid:CVE-2014-8551
db:JVNDBid:JVNDB-2014-005644
db:CNNVDid:CNNVD-201411-500
db:NVDid:CVE-2014-8551

LAST UPDATE DATE

2024-08-14T13:34:40.648000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2014-08593date:2014-12-01T00:00:00
db:VULHUBid:VHN-76496date:2014-11-26T00:00:00
db:VULMONid:CVE-2014-8551date:2014-11-26T00:00:00
db:JVNDBid:JVNDB-2014-005644date:2014-11-27T00:00:00
db:CNNVDid:CNNVD-201411-500date:2014-11-27T00:00:00
db:NVDid:CVE-2014-8551date:2014-11-26T16:53:19.637

SOURCES RELEASE DATE

db:IVDid:b4b94e28-2351-11e6-abef-000c29c66e3ddate:2014-12-01T00:00:00
db:IVDid:5c884bc4-e541-45c1-9c37-0147460766ffdate:2014-12-01T00:00:00
db:CNVDid:CNVD-2014-08593date:2014-12-01T00:00:00
db:VULHUBid:VHN-76496date:2014-11-26T00:00:00
db:VULMONid:CVE-2014-8551date:2014-11-26T00:00:00
db:JVNDBid:JVNDB-2014-005644date:2014-11-27T00:00:00
db:CNNVDid:CNNVD-201411-500date:2014-11-27T00:00:00
db:NVDid:CVE-2014-8551date:2014-11-26T11:59:00.093