Denial of Service Vulnerability in Siemens SIMATIC WinCC OA
CVE-2014-1699

Currently unrated

Key Information:

Vendor: Siemens
Status: Simatic Wincc Open Architecture
Vendor: CVE Published:; 7 February 2014

What is CVE-2014-1699?

A vulnerability exists in Siemens SIMATIC WinCC OA versions prior to 3.12 P002, where remote attackers can exploit this flaw to trigger a denial of service condition. This is achieved by sending specially crafted HTTP requests to port 4999, resulting in the monitoring service becoming unavailable. Organizations using affected versions are advised to assess their exposure and apply the necessary updates to mitigate potential disruptions.

References

http://osvdb.org/102812

vdb-entryx_refsource_OSVDB

https://exchange.xforce.ibmcloud.com/vulnerabilities/90936

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/65347

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 7, 2014
Vulnerability Reserved
Jan 29, 2014