CVE-2014-8552

Published Nov 26, 2014

Last updated 10 years ago

CVSS info 5.0

Overview

Description: The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:siemens:simatic_pcs_7:7.1:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE258BF2-AD82-401C-B020-08A22A549A25"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_pcs7:7.1:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33FA164B-E269-4140-AC85-2623356AF636"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_pcs7:7.1:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D62C7959-87D9-42EC-A224-2EE6EF23C1CF"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_pcs7:8.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "428F68D2-8C1D-4ADE-A6FB-65EC4C426F99"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_pcs7:8.0:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "14193511-1B9B-4319-92AE-BB26F398550C"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_pcs7:8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "172A6A81-C32E-4ACC-AB8C-2014BF3A6901"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_tiaportal:13.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19C3A00B-A47E-4723-B652-B64FDC5F2601"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_tiaportal:13.0:3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "144DE778-4439-489F-830D-B4742BB11FEB"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_tiaportal:13.0:5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39B75B5E-7979-4E3B-BE94-AE04F17A6F3C"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CF84FC5-9450-47B7-A4F0-99361C528C00"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8274939-833E-40E1-8D2E-1B28CEA91036"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.0:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61F46206-F232-4F62-AF4F-E2DCF462AE60"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.0:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D0BB2E6-1444-499A-943E-8D19C402F1BD"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.2:1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D6E154F-F8A0-4E9D-BC37-E95B1820D2BF"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.2:2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6745F96-FA72-457B-AD14-07C4B353310F"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.2:3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E555D458-59C4-4CBC-95F4-CBA503BCCB24"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.2:4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BEE67FC-D188-4B0C-A837-FC91B406982E"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.2:5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75121F46-303D-4416-8FBD-1938BDD60AAB"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.2:6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF8B251F-399E-4165-B3A6-801775212C5D"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.2:7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FBE45DD1-630F-448F-90FE-D3CC00266EF1"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.2:8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CFC7DC1F-B4C5-4116-9B53-706F2B3227DD"
          },
          {
            "criteria": "cpe:2.3:a:siemens:simatic_wincc:7.3:1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8F27E75-90CD-4C3B-AF0E-90EF338A2D91"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References