File Reading Vulnerability in Siemens SIMATIC WinCC and PCS 7
CVE-2014-8552

Currently unrated

Key Information:

Vendor: Siemens
Status: Simatic Tiaportal; Simatic Wincc; Simatic Pcs7; Simatic Pcs 7
Vendor: CVE Published:; 26 November 2014

What is CVE-2014-8552?

The WinCC server in Siemens SIMATIC WinCC and PCS 7 products contains a vulnerability that permits remote attackers to access and read arbitrary files through specially crafted packets. This issue affects multiple versions of SIMATIC WinCC from 7.0 to 7.3, SELECT PCS 7 versions 7.1 to 8.1, as well as TIA Portal 13 before Update 6. It is crucial for organizations using these systems to implement necessary security updates to safeguard their operations.

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 26, 2014
Vulnerability Reserved
Oct 30, 2014