CVE-2016-9160

8.1HIGH

Key Information:

Vendor: Siemens
Status: Siemens Simatic Wincc (all Versions < Simatic Wincc V7.2) And Siemens Simatic Pcs 7 (all Versions < Simatic Pcs 7 V8.0 Sp1)
Vendor: CVE Published:; 17 December 2016

Summary

A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions.

Affected Version(s)

SIEMENS SIMATIC WinCC (All < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All < SIMATIC PCS 7 V8.0 SP1) SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1)