var-201202-0164
Vulnerability from variot
HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to cause a denial of service (application crash) by sending crafted data over TCP. Miniweb has a security vulnerability that allows an attacker to submit a specially crafted HTTP POST request to allow the server to access any illegal memory area while checking the extension of the requested file. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. HmiLoad provides functions that read data and unicode strings with stack-based buffer overflows, allowing an attacker to exploit a vulnerability to execute arbitrary code. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. When the transfer mode is enabled, the runtime loader listens on the 2308/TCP or 50523/TCP port. Since the incoming data is not fully verified, there are multiple denial of service attacks that can crash the program. A directory traversal vulnerability exists in the HmiLoad server that allows reading, writing, and deleting arbitrary files outside of the specified directory. Attackers can exploit these issues to execute arbitrary code in the context of the affected application, read/write or delete arbitrary files outside of the server root directory, or cause denial-of-service conditions; other attacks may also be possible
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201202-0164",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic wincc flexible runtime",
"scope": null,
"trust": 3.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc flexible sp2",
"scope": "eq",
"trust": 3.3,
"vendor": "siemens",
"version": "2008"
},
{
"model": "simatic hmi panels",
"scope": "eq",
"trust": 2.4,
"vendor": "siemens",
"version": "mp"
},
{
"model": "simatic hmi panels",
"scope": "eq",
"trust": 2.4,
"vendor": "siemens",
"version": "op"
},
{
"model": "simatic hmi panels",
"scope": "eq",
"trust": 2.4,
"vendor": "siemens",
"version": "tp"
},
{
"model": "simatic wincc flexible",
"scope": "eq",
"trust": 1.7,
"vendor": "siemens",
"version": "2008"
},
{
"model": "simatic wincc flexible",
"scope": "eq",
"trust": 1.7,
"vendor": "siemens",
"version": "2007"
},
{
"model": "simatic wincc flexible",
"scope": "eq",
"trust": 1.7,
"vendor": "siemens",
"version": "2005"
},
{
"model": "simatic wincc flexible",
"scope": "eq",
"trust": 1.7,
"vendor": "siemens",
"version": "2004"
},
{
"model": "wincc",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "v11"
},
{
"model": "wincc flexible",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "2005"
},
{
"model": "wincc runtime advanced",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "v11"
},
{
"model": "simatic hmi panels",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "comfort_panels"
},
{
"model": "wincc flexible",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "2004"
},
{
"model": "simatic hmi panels",
"scope": "eq",
"trust": 1.6,
"vendor": "siemens",
"version": "mobile_panels"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 1.4,
"vendor": "siemens",
"version": "v11"
},
{
"model": "wincc flexible",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2008"
},
{
"model": "wincc flexible",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2007"
},
{
"model": "wincc flexible runtime",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic hmi panels",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "comfort panels"
},
{
"model": "simatic hmi panels",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "mobile panels"
},
{
"model": "simatic wincc flexible rumtime",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc runtime advanced",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "v11"
},
{
"model": "simatic wincc runtime advanced",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic hmi panels",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "wincc flexible runtime",
"scope": null,
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic wincc flexible runtime",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "simatic wincc flexible sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2008"
},
{
"model": "simatic wincc flexible sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "2005"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc flexible",
"version": "2004"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc flexible",
"version": "2005"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc flexible",
"version": "2007"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc flexible",
"version": "2008"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc",
"version": "v11"
},
{
"model": "comfort panels",
"scope": null,
"trust": 0.2,
"vendor": "simatic hmi panels",
"version": null
},
{
"model": "mobile panels",
"scope": null,
"trust": 0.2,
"vendor": "simatic hmi panels",
"version": null
},
{
"model": "mp",
"scope": null,
"trust": 0.2,
"vendor": "simatic hmi panels",
"version": null
},
{
"model": "op",
"scope": null,
"trust": 0.2,
"vendor": "simatic hmi panels",
"version": null
},
{
"model": "tp",
"scope": null,
"trust": 0.2,
"vendor": "simatic hmi panels",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc runtime advanced",
"version": "v11"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "wincc flexible runtime",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5108"
},
{
"db": "CNVD",
"id": "CNVD-2011-5110"
},
{
"db": "CNVD",
"id": "CNVD-2011-5103"
},
{
"db": "CNVD",
"id": "CNVD-2011-5107"
},
{
"db": "CNVD",
"id": "CNVD-2012-0467"
},
{
"db": "CNVD",
"id": "CNVD-2011-5105"
},
{
"db": "BID",
"id": "50828"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001319"
},
{
"db": "NVD",
"id": "CVE-2011-4877"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-092"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible:2004:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible:2008:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible:2005:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible:2007:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc:v11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_hmi_panels:tp:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_hmi_panels:op:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_hmi_panels:mobile_panels:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_hmi_panels:mp:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_hmi_panels:comfort_panels:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc_runtime_advanced:v11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:wincc_flexible_runtime:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4877"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Luigi Auriemma",
"sources": [
{
"db": "BID",
"id": "50828"
},
{
"db": "CNNVD",
"id": "CNNVD-201111-480"
}
],
"trust": 0.9
},
"cve": "CVE-2011-4877",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2011-4877",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "28b0bc2e-2354-11e6-abef-000c29c66e3d",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-52822",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-4877",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201202-092",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "28b0bc2e-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-52822",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-52822"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001319"
},
{
"db": "NVD",
"id": "CVE-2011-4877"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-092"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to cause a denial of service (application crash) by sending crafted data over TCP. Miniweb has a security vulnerability that allows an attacker to submit a specially crafted HTTP POST request to allow the server to access any illegal memory area while checking the extension of the requested file. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. HmiLoad provides functions that read data and unicode strings with stack-based buffer overflows, allowing an attacker to exploit a vulnerability to execute arbitrary code. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. When the transfer mode is enabled, the runtime loader listens on the 2308/TCP or 50523/TCP port. Since the incoming data is not fully verified, there are multiple denial of service attacks that can crash the program. A directory traversal vulnerability exists in the HmiLoad server that allows reading, writing, and deleting arbitrary files outside of the specified directory. \nAttackers can exploit these issues to execute arbitrary code in the context of the affected application, read/write or delete arbitrary files outside of the server root directory, or cause denial-of-service conditions; other attacks may also be possible",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4877"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001319"
},
{
"db": "CNVD",
"id": "CNVD-2011-5108"
},
{
"db": "CNVD",
"id": "CNVD-2011-5110"
},
{
"db": "CNVD",
"id": "CNVD-2011-5103"
},
{
"db": "CNVD",
"id": "CNVD-2011-5107"
},
{
"db": "CNVD",
"id": "CNVD-2012-0467"
},
{
"db": "CNVD",
"id": "CNVD-2011-5105"
},
{
"db": "BID",
"id": "50828"
},
{
"db": "IVD",
"id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-52822"
}
],
"trust": 5.4
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-52822",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-52822"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "50828",
"trust": 3.9
},
{
"db": "NVD",
"id": "CVE-2011-4877",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-030-01",
"trust": 3.4
},
{
"db": "SIEMENS",
"id": "SSA-345442",
"trust": 1.7
},
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-11-332-02A",
"trust": 1.1
},
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-11-332-02",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "18166",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "77382",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201202-092",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-0467",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001319",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-5108",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-5110",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-5103",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-5107",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-5105",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201111-480",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-030-01A",
"trust": 0.3
},
{
"db": "IVD",
"id": "28B0BC2E-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-52822",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5108"
},
{
"db": "CNVD",
"id": "CNVD-2011-5110"
},
{
"db": "CNVD",
"id": "CNVD-2011-5103"
},
{
"db": "CNVD",
"id": "CNVD-2011-5107"
},
{
"db": "CNVD",
"id": "CNVD-2012-0467"
},
{
"db": "CNVD",
"id": "CNVD-2011-5105"
},
{
"db": "VULHUB",
"id": "VHN-52822"
},
{
"db": "BID",
"id": "50828"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001319"
},
{
"db": "NVD",
"id": "CVE-2011-4877"
},
{
"db": "CNNVD",
"id": "CNNVD-201111-480"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-092"
}
]
},
"id": "VAR-201202-0164",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5108"
},
{
"db": "CNVD",
"id": "CNVD-2011-5110"
},
{
"db": "CNVD",
"id": "CNVD-2011-5103"
},
{
"db": "CNVD",
"id": "CNVD-2011-5107"
},
{
"db": "CNVD",
"id": "CNVD-2012-0467"
},
{
"db": "CNVD",
"id": "CNVD-2011-5105"
},
{
"db": "VULHUB",
"id": "VHN-52822"
}
],
"trust": 4.553665231428571
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 3.8
}
],
"sources": [
{
"db": "IVD",
"id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5108"
},
{
"db": "CNVD",
"id": "CNVD-2011-5110"
},
{
"db": "CNVD",
"id": "CNVD-2011-5103"
},
{
"db": "CNVD",
"id": "CNVD-2011-5107"
},
{
"db": "CNVD",
"id": "CNVD-2012-0467"
},
{
"db": "CNVD",
"id": "CNVD-2011-5105"
}
]
},
"last_update_date": "2023-12-18T12:22:07.932000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-345442",
"trust": 0.8,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
},
{
"title": "\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
"trust": 0.8,
"url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.siemens.com/entry/jp/ja/"
},
{
"title": "Patch for Siemens SIMATIC WinCC Flexible Runtime \u0027HmiLoad.exe\u0027 file download vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/72694"
},
{
"title": "Siemens SIMATIC WinCC Flexible Runtime \u0027HmiLoad.exe\u0027 memory access vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/72697"
},
{
"title": "Siemens SIMATIC WinCC Flexible Runtime \u0027HmiLoad.exe\u0027 Buffer Overflow Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/72705"
},
{
"title": "Siemens SIMATIC WinCC Flexible Runtime \u0027HmiLoad.exe\u0027 service crash vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/72689"
},
{
"title": "Patch for Siemens SIMATIC WinCC HMI Denial of Service Attack Vulnerability (CNVD-2012-0467)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/9073"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-5108"
},
{
"db": "CNVD",
"id": "CNVD-2011-5110"
},
{
"db": "CNVD",
"id": "CNVD-2011-5103"
},
{
"db": "CNVD",
"id": "CNVD-2011-5107"
},
{
"db": "CNVD",
"id": "CNVD-2012-0467"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001319"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-52822"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001319"
},
{
"db": "NVD",
"id": "CVE-2011-4877"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.9,
"url": "http://aluigi.altervista.org/adv/winccflex_1-adv.txt"
},
{
"trust": 3.4,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf"
},
{
"trust": 1.7,
"url": "http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf"
},
{
"trust": 1.1,
"url": "http://www.exploit-db.com/exploits/18166"
},
{
"trust": 1.1,
"url": "http://aluigi.org/adv/winccflex_1-adv.txt"
},
{
"trust": 1.1,
"url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-332-02.pdf"
},
{
"trust": 1.1,
"url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-332-02a.pdf"
},
{
"trust": 1.1,
"url": "http://www.osvdb.org/77382"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71451"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4877"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4877"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/50828"
},
{
"trust": 0.3,
"url": "http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/pages/default.aspx"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01a.pdf"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-5108"
},
{
"db": "CNVD",
"id": "CNVD-2011-5110"
},
{
"db": "CNVD",
"id": "CNVD-2011-5103"
},
{
"db": "CNVD",
"id": "CNVD-2011-5107"
},
{
"db": "CNVD",
"id": "CNVD-2012-0467"
},
{
"db": "CNVD",
"id": "CNVD-2011-5105"
},
{
"db": "VULHUB",
"id": "VHN-52822"
},
{
"db": "BID",
"id": "50828"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001319"
},
{
"db": "NVD",
"id": "CVE-2011-4877"
},
{
"db": "CNNVD",
"id": "CNNVD-201111-480"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-092"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5108"
},
{
"db": "CNVD",
"id": "CNVD-2011-5110"
},
{
"db": "CNVD",
"id": "CNVD-2011-5103"
},
{
"db": "CNVD",
"id": "CNVD-2011-5107"
},
{
"db": "CNVD",
"id": "CNVD-2012-0467"
},
{
"db": "CNVD",
"id": "CNVD-2011-5105"
},
{
"db": "VULHUB",
"id": "VHN-52822"
},
{
"db": "BID",
"id": "50828"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001319"
},
{
"db": "NVD",
"id": "CVE-2011-4877"
},
{
"db": "CNNVD",
"id": "CNNVD-201111-480"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-092"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-07T00:00:00",
"db": "IVD",
"id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2011-12-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5108"
},
{
"date": "2011-12-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5110"
},
{
"date": "2011-12-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5103"
},
{
"date": "2011-12-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5107"
},
{
"date": "2012-02-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0467"
},
{
"date": "2011-12-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5105"
},
{
"date": "2012-02-03T00:00:00",
"db": "VULHUB",
"id": "VHN-52822"
},
{
"date": "2011-11-28T00:00:00",
"db": "BID",
"id": "50828"
},
{
"date": "2012-02-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001319"
},
{
"date": "2012-02-03T20:55:01.983000",
"db": "NVD",
"id": "CVE-2011-4877"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201111-480"
},
{
"date": "2012-02-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-092"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5108"
},
{
"date": "2016-03-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5110"
},
{
"date": "2016-03-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5103"
},
{
"date": "2016-03-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5107"
},
{
"date": "2012-02-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0467"
},
{
"date": "2011-12-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5105"
},
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-52822"
},
{
"date": "2012-04-18T21:20:00",
"db": "BID",
"id": "50828"
},
{
"date": "2012-02-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001319"
},
{
"date": "2017-08-29T01:30:37.270000",
"db": "NVD",
"id": "CVE-2011-4877"
},
{
"date": "2011-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201111-480"
},
{
"date": "2012-02-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-092"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201111-480"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-092"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Siemens Product HmiLoad Service disruption in ( Application crash ) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001319"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "28b0bc2e-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-092"
}
],
"trust": 0.8
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.