Denial of Service and Data Exposure in Siemens WinCC Versions
CVE-2011-4879

Currently unrated

Key Information:

Vendor: Siemens
Status: Wincc Flexible
Vendor: CVE Published:; 3 February 2012

Summary

The miniweb.exe component of the Siemens WinCC flexible web server fails to process certain URI requests correctly, specifically those beginning with the 0xfa character. This oversight can allow attackers to exploit the vulnerability by sending specially crafted POST requests, potentially leading to unauthorized access to sensitive data or causing the application to crash, leading to denial of service. Affected versions include multiple iterations of WinCC flexible and WinCC V11, among others.

References

http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-3...

x_refsource_MISC

http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-3...

x_refsource_MISC

http://www.siemens.com/corporate-technology/pool/de/forsc...

x_refsource_CONFIRM

EPSS Score

39% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 3, 2012
Vulnerability Reserved
Dec 21, 2011