Privilege Escalation Vulnerability in Siemens SIMATIC WinCC
CVE-2014-4684

Currently unrated

Key Information:

Vendor: Siemens
Status: Wincc; Simatic Pcs7
Vendor: CVE Published:; 24 July 2014

Summary

The database server component in Siemens SIMATIC WinCC prior to version 7.3 presents a vulnerability that allows remote authenticated users to escalate their privileges. This is facilitated through a specifically crafted request to TCP port 1433, potentially leading to unauthorized actions within the system. Users and administrators should be aware of this vulnerability to mitigate risks associated with unauthorized access.

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jul 24, 2014
Vulnerability Reserved
Jun 28, 2014