Sign-up

ID

VAR-201411-0459


CVE

CVE-2014-8551


TITLE

Siemens SIMATIC WinCC/PCS 7 Arbitrary code execution vulnerability

Trust: 1.0

sources: IVD: b4b94e28-2351-11e6-abef-000c29c66e3d // IVD: 5c884bc4-e541-45c1-9c37-0147460766ff // CNVD: CNVD-2014-08593

DESCRIPTION

The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets. Siemens SIMATIC WinCC is a monitoring control and data acquisition SCADA and human machine interface HMI system. Siemens SIMATIC WinCC, SIMATIC PCS 7 and TIA Portal (Botu) are all industrial automation products of German Siemens (Siemens). SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC; TIA Portal is a software platform that can quickly develop and debug automation systems. WinCC server is an option for it, which can operate multiple operating systems and monitoring stations in the network connected to the automation system. There are security vulnerabilities in the WinCC server of several Siemens products

Trust: 2.7

sources: NVD: CVE-2014-8551 // JVNDB: JVNDB-2014-005644 // CNVD: CNVD-2014-08593 // IVD: b4b94e28-2351-11e6-abef-000c29c66e3d // IVD: 5c884bc4-e541-45c1-9c37-0147460766ff // VULHUB: VHN-76496 // VULMON: CVE-2014-8551

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.0

sources: IVD: b4b94e28-2351-11e6-abef-000c29c66e3d // IVD: 5c884bc4-e541-45c1-9c37-0147460766ff // CNVD: CNVD-2014-08593

AFFECTED PRODUCTS

vendor:simatic winccmodel: - scope:eqversion:7.2

Trust: 3.2

vendor:simatic winccmodel: - scope:eqversion:7.0

Trust: 1.6

vendor:siemensmodel:simatic winccscope:eqversion:7.3

Trust: 1.6

vendor:siemensmodel:simatic tiaportalscope:eqversion:13.0

Trust: 1.6

vendor:siemensmodel:simatic pcs7scope:eqversion:8.1

Trust: 1.6

vendor:siemensmodel:simatic pcs7scope:eqversion:8.0

Trust: 1.6

vendor:siemensmodel:simatic winccscope:eqversion:7.2

Trust: 1.6

vendor:simatic tiaportalmodel: - scope:eqversion:13.0

Trust: 1.2

vendor:siemensmodel:simatic winccscope:eqversion:7.0

Trust: 1.0

vendor:siemensmodel:simatic pcs7scope:eqversion:7.1

Trust: 1.0

vendor:siemensmodel:simatic pcs 7scope:eqversion:7.1

Trust: 1.0

vendor:simatic pcs7model: - scope:eqversion:7.1

Trust: 0.8

vendor:simatic pcs7model: - scope:eqversion:8.0

Trust: 0.8

vendor:siemensmodel:simatic winccscope:eqversion:7.3 update 2

Trust: 0.8

vendor:siemensmodel:simatic winccscope:eqversion:7.2 update 9

Trust: 0.8

vendor:siemensmodel:simatic pcs 7scope:eqversion:7.1 to 7.1 sp4

Trust: 0.8

vendor:siemensmodel:simatic pcs 7scope:eqversion:8.0 to 8.0 sp2

Trust: 0.8

vendor:siemensmodel:totally integrated automation portalscope:ltversion:13

Trust: 0.8

vendor:siemensmodel:simatic winccscope:ltversion:7.3

Trust: 0.8

vendor:siemensmodel:simatic winccscope:ltversion:7.2

Trust: 0.8

vendor:siemensmodel:simatic pcs 7scope:eqversion:8.1

Trust: 0.8

vendor:siemensmodel:simatic winccscope:eqversion:7.0 to 7.0 sp3

Trust: 0.8

vendor:siemensmodel:totally integrated automation portalscope:eqversion:13 update 6

Trust: 0.8

vendor:siemensmodel:wincc 7.0-sp3scope: - version: -

Trust: 0.6

vendor:siemensmodel:wincc (<updatescope:eqversion:7.29)

Trust: 0.6

vendor:siemensmodel:wincc (<updatescope:eqversion:7.32)

Trust: 0.6

vendor:siemensmodel:simatic pcs 7.1-sp4scope:eqversion:7

Trust: 0.6

vendor:siemensmodel:simatic pcs 8.0-sp2scope:eqversion:7

Trust: 0.6

vendor:siemensmodel:simatic pcsscope:eqversion:78.1

Trust: 0.6

vendor:simatic pcs7model: - scope:eqversion:8.1

Trust: 0.4

vendor:simatic pcs 7model: - scope:eqversion:7.1

Trust: 0.4

vendor:simatic winccmodel: - scope:eqversion:7.3

Trust: 0.4

sources: IVD: b4b94e28-2351-11e6-abef-000c29c66e3d // IVD: 5c884bc4-e541-45c1-9c37-0147460766ff // CNVD: CNVD-2014-08593 // JVNDB: JVNDB-2014-005644 // CNNVD: CNNVD-201411-500 // NVD: CVE-2014-8551

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-8551
value: HIGH

Trust: 1.0

NVD: CVE-2014-8551
value: HIGH

Trust: 0.8

CNVD: CNVD-2014-08593
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201411-500
value: CRITICAL

Trust: 0.6

IVD: b4b94e28-2351-11e6-abef-000c29c66e3d
value: CRITICAL

Trust: 0.2

IVD: 5c884bc4-e541-45c1-9c37-0147460766ff
value: CRITICAL

Trust: 0.2

VULHUB: VHN-76496
value: HIGH

Trust: 0.1

VULMON: CVE-2014-8551
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-8551
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2014-08593
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: b4b94e28-2351-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 5c884bc4-e541-45c1-9c37-0147460766ff
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-76496
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: b4b94e28-2351-11e6-abef-000c29c66e3d // IVD: 5c884bc4-e541-45c1-9c37-0147460766ff // CNVD: CNVD-2014-08593 // VULHUB: VHN-76496 // VULMON: CVE-2014-8551 // JVNDB: JVNDB-2014-005644 // CNNVD: CNNVD-201411-500 // NVD: CVE-2014-8551

PROBLEMTYPE DATA

problemtype:CWE-94

Trust: 1.9

sources: VULHUB: VHN-76496 // JVNDB: JVNDB-2014-005644 // NVD: CVE-2014-8551

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201411-500

TYPE

Code injection

Trust: 1.0

sources: IVD: b4b94e28-2351-11e6-abef-000c29c66e3d // IVD: 5c884bc4-e541-45c1-9c37-0147460766ff // CNNVD: CNNVD-201411-500

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-005644

PATCH
title:SSA-134508url:http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf
Trust: 0.8
title:Patch for Siemens SIMATIC WinCC/PCS 7 arbitrary code execution vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/52284
Trust: 0.6
title:Threatposturl:https://threatpost.com/siemens-patches-wincc-vulnerabilities-likely-being-exploited/109631/
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-08593 // 
            
            
            
            VULMON: CVE-2014-8551 // 
            
            
            
            JVNDB: JVNDB-2014-005644

EXTERNAL IDS
db:NVDid:CVE-2014-8551
Trust: 3.6
db:SIEMENSid:SSA-134508
Trust: 2.4
db:CNNVDid:CNNVD-201411-500
Trust: 1.1
db:CNVDid:CNVD-2014-08593
Trust: 1.0
db:ICS CERTid:ICSA-14-329-02
Trust: 0.8
db:JVNDBid:JVNDB-2014-005644
Trust: 0.8
db:SECUNIAid:60068
Trust: 0.6
db:IVDid:B4B94E28-2351-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:IVDid:5C884BC4-E541-45C1-9C37-0147460766FF
Trust: 0.2
db:VULHUBid:VHN-76496
Trust: 0.1
db:ICS CERTid:ICSA-14-329-02D
Trust: 0.1
db:VULMONid:CVE-2014-8551
Trust: 0.1
sources:
            
            
            IVD: b4b94e28-2351-11e6-abef-000c29c66e3d // 
            
            
            
            IVD: 5c884bc4-e541-45c1-9c37-0147460766ff // 
            
            
            
            CNVD: CNVD-2014-08593 // 
            
            
            
            VULHUB: VHN-76496 // 
            
            
            
            VULMON: CVE-2014-8551 // 
            
            
            
            JVNDB: JVNDB-2014-005644 // 
            
            
            
            CNNVD: CNNVD-201411-500 // 
            
            
            
            NVD: CVE-2014-8551

REFERENCES
url:http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf
Trust: 2.4
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8551
Trust: 1.4
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8551
Trust: 0.8
url:https://ics-cert.us-cert.gov/advisories/icsa-14-329-02
Trust: 0.8
url:http://secunia.com/advisories/60068
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/94.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://threatpost.com/siemens-patches-wincc-vulnerabilities-likely-being-exploited/109631/
Trust: 0.1
url:https://ics-cert.us-cert.gov/advisories/icsa-14-329-02d
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-08593 // 
            
            
            
            VULHUB: VHN-76496 // 
            
            
            
            VULMON: CVE-2014-8551 // 
            
            
            
            JVNDB: JVNDB-2014-005644 // 
            
            
            
            CNNVD: CNNVD-201411-500 // 
            
            
            
            NVD: CVE-2014-8551

SOURCES
db:IVDid:b4b94e28-2351-11e6-abef-000c29c66e3d
db:IVDid:5c884bc4-e541-45c1-9c37-0147460766ff
db:CNVDid:CNVD-2014-08593
db:VULHUBid:VHN-76496
db:VULMONid:CVE-2014-8551
db:JVNDBid:JVNDB-2014-005644
db:CNNVDid:CNNVD-201411-500
db:NVDid:CVE-2014-8551

LAST UPDATE DATE
2024-08-14T13:34:40.648000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-08593date:2014-12-01T00:00:00
db:VULHUBid:VHN-76496date:2014-11-26T00:00:00
db:VULMONid:CVE-2014-8551date:2014-11-26T00:00:00
db:JVNDBid:JVNDB-2014-005644date:2014-11-27T00:00:00
db:CNNVDid:CNNVD-201411-500date:2014-11-27T00:00:00
db:NVDid:CVE-2014-8551date:2014-11-26T16:53:19.637

SOURCES RELEASE DATE
db:IVDid:b4b94e28-2351-11e6-abef-000c29c66e3ddate:2014-12-01T00:00:00
db:IVDid:5c884bc4-e541-45c1-9c37-0147460766ffdate:2014-12-01T00:00:00
db:CNVDid:CNVD-2014-08593date:2014-12-01T00:00:00
db:VULHUBid:VHN-76496date:2014-11-26T00:00:00
db:VULMONid:CVE-2014-8551date:2014-11-26T00:00:00
db:JVNDBid:JVNDB-2014-005644date:2014-11-27T00:00:00
db:CNNVDid:CNNVD-201411-500date:2014-11-27T00:00:00
db:NVDid:CVE-2014-8551date:2014-11-26T11:59:00.093