CRLF Injection Vulnerability in Siemens WinCC HMI Web Server
CVE-2011-4512

Currently unrated

Key Information:

Vendor

Siemens
Status
Wincc Flexible
Vendor
CVE Published:
3 February 2012

What is CVE-2011-4512?

A CRLF injection vulnerability exists in the HMI web server of Siemens WinCC, allowing remote attackers to exploit the system through unauthorized HTTP header insertion. The flaw affects various WinCC flexible versions and HMI panels, enabling potential HTTP response splitting attacks that could compromise system integrity and lead to further vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.siemens.com/corporate-technology/pool/de/forsc...
x_refsource_CONFIRM
http://www.us-cert.gov/control_systems/pdf/ICSA-12-030-01...
x_refsource_MISC

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.