First published: Thu Mar 21 2013(Updated: )
Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a denial of service via a crafted packet.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens SIMATIC PCS 7 | <=8.0 | |
Siemens SIMATIC PCS 7 | =7.1-sp3 | |
Siemens WinCC | <=7.1 | |
Siemens WinCC | =5.0 | |
Siemens WinCC | =5.0-sp1 | |
Siemens WinCC | =6.0 | |
Siemens WinCC | =6.0-sp2 | |
Siemens WinCC | =6.0-sp3 | |
Siemens WinCC | =6.0-sp4 | |
Siemens WinCC | =7.0 | |
Siemens WinCC | =7.0-sp1 | |
Siemens WinCC | =7.0-sp2 | |
Siemens WinCC | =7.0-sp3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2013-0675 has been classified as a high severity vulnerability due to its potential to cause remote denial of service.
To mitigate CVE-2013-0675, users should update their Siemens WinCC and SIMATIC PCS 7 software to the latest versions that contain the necessary security patches.
CVE-2013-0675 affects Siemens WinCC versions prior to 7.2 and SIMATIC PCS 7 versions before 8.0 SP1.
Yes, CVE-2013-0675 can be exploited remotely by attackers sending crafted packets to the affected software.
The impact of CVE-2013-0675 is a denial of service, potentially leading to disruption of operation for affected systems.