Vulnerability identifier: #VU10113
Vulnerability risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-476
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
SIMATIC WinCC Add-On SIPAPER IT MIS
Server applications /
SCADA systems
SIMATIC WinCC Add-On SICEMENT IT MIS
Server applications /
SCADA systems
SIMATIC WinCC Add-On PM-QUALITY
Server applications /
SCADA systems
SIMATIC WinCC Add-On PM-OPEN TCP/IP
Server applications /
SCADA systems
SIMATIC WinCC Add-On PM-OPEN PV02
Server applications /
SCADA systems
SIMATIC WinCC Add-On PM-OPEN PI
Server applications /
SCADA systems
SIMATIC WinCC Add-On PM-OPEN IMPORT
Server applications /
SCADA systems
SIMATIC WinCC Add-On PM-OPEN HOST-S
Server applications /
SCADA systems
SIMATIC WinCC Add-On PM-OPEN EXPORT
Server applications /
SCADA systems
SIMATIC WinCC Add-On PM-MAINT
Server applications /
SCADA systems
SIMATIC WinCC Add-On PM-CONTROL
Server applications /
SCADA systems
SIMATIC WinCC Add-On PM-ANALYZE
Server applications /
SCADA systems
SIMATIC WinCC Add-On PM-AGENT
Server applications /
SCADA systems
SIMATIC WinCC Add-On PI CONNECT AUDIT TRAIL
Server applications /
SCADA systems
SIMATIC WinCC Add-On PI CONNECT ALARM
Server applications /
SCADA systems
SIMATIC WinCC Add-On Historian CONNECT ALARM
Server applications /
SCADA systems
Vendor: Siemens
Description
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to insufficient validation of user-supplied input. A remote attacker can send language pack (ZIP file) with invalid HTML files, trigger NULL pointer dereference and cause the service to crash.
Mitigation
Install update from vendor's website.
Vulnerable software versions
SIMATIC WinCC Add-On SIPAPER IT MIS: All versions
SIMATIC WinCC Add-On SICEMENT IT MIS: All versions
SIMATIC WinCC Add-On PM-QUALITY: All versions
SIMATIC WinCC Add-On PM-OPEN TCP/IP: All versions
SIMATIC WinCC Add-On PM-OPEN PV02: All versions
SIMATIC WinCC Add-On PM-OPEN PI: All versions
SIMATIC WinCC Add-On PM-OPEN IMPORT: All versions
SIMATIC WinCC Add-On PM-OPEN HOST-S: All versions
SIMATIC WinCC Add-On PM-OPEN EXPORT: All versions
SIMATIC WinCC Add-On PM-MAINT: All versions
SIMATIC WinCC Add-On PM-CONTROL: All versions
SIMATIC WinCC Add-On PM-ANALYZE: All versions
SIMATIC WinCC Add-On PM-AGENT: All versions
SIMATIC WinCC Add-On PI CONNECT AUDIT TRAIL: All versions
SIMATIC WinCC Add-On PI CONNECT ALARM: All versions
SIMATIC WinCC Add-On Historian CONNECT ALARM: All versions
External links
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-127490.pdf
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.