Denial of Service Vulnerability in Siemens WinCC Flexible and SIMATIC HMI Panels
CVE-2011-4877

Currently unrated

Key Information:

Vendor
Siemens
Status
Wincc Flexible
Vendor
CVE Published:
3 February 2012

Summary

The HmiLoad function in the runtime loader of Siemens' WinCC flexible versions and SIMATIC HMI panels is vulnerable due to mishandling of crafted data over TCP while Transfer Mode is enabled. This flaw can be exploited by remote attackers, leading to an application crash and service disruption, which poses significant risks to operational reliability and security in environments relying on these systems.

References

http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-3...
x_refsource_MISC
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-3...
x_refsource_MISC
http://www.siemens.com/corporate-technology/pool/de/forsc...
x_refsource_CONFIRM

EPSS Score

23% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.