CVE-2013-0675

EUVD-2013-0686
Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a denial of service via a crafted packet.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.1 UNKNOWN
ADJACENT_NETWORK
LOW
AV:A/AC:L/Au:N/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
siemenssimatic_pcs7
𝑥
≤ 8.0
siemenssimatic_pcs7
7.1:sp3
siemenswincc
𝑥
≤ 7.1
siemenswincc
5.0
siemenswincc
5.0:sp1
siemenswincc
6.0
siemenswincc
6.0:sp2
siemenswincc
6.0:sp3
siemenswincc
6.0:sp4
siemenswincc
7.0
siemenswincc
7.0:sp1
siemenswincc
7.0:sp2
siemenswincc
7.0:sp3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://ics-cert.us-cert.gov/pdf/ICSA-13-079-02.pdf
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf
http://ics-cert.us-cert.gov/pdf/ICSA-13-079-02.pdf
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf