Remote Code Execution Vulnerability in Siemens SIMATIC WinCC and PCS 7
CVE-2014-8551

Currently unrated

Key Information:

Vendor: Siemens
Status: Simatic Tiaportal; Simatic Wincc; Simatic Pcs7; Simatic Pcs 7
Vendor: CVE Published:; 26 November 2014

What is CVE-2014-8551?

The WinCC server in certain versions of Siemens SIMATIC WinCC and PCS 7 has a security vulnerability that permits remote attackers to execute arbitrary code. This vulnerability is exploited via specially crafted packets, allowing unauthorized access. It is crucial for users to ensure their systems are updated to secure versions to mitigate any risk of attack.

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

EPSS Score

5% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 26, 2014
Vulnerability Reserved
Oct 30, 2014