VAR-201607-0466
Vulnerability from variot - Updated: 2023-12-18 13:14Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers to read arbitrary WinCC station files via crafted packets. The SIMATIC WinCC (Windows Control Center) window control center is Siemens' process monitoring system, providing complete monitoring and data acquisition (SCADA) functions for the industrial sector. The SIMATIC WinCC presence file contains a vulnerability. Successful exploits may allow an attacker to read arbitrary files in the context of the user running the affected application. This may aid in further attacks. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). A security vulnerability exists in Siemens SIMATIC WinCC versions 7.0 to SP3 and 7.2
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201607-0466",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic wincc",
"scope": "eq",
"trust": 3.3,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 2.5,
"vendor": "siemens",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "simatic wincc",
"version": "7.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "7.0 sp3 for up to 7.0"
},
{
"model": "simatic wincc update",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "7.41"
},
{
"model": "simatic wincc update",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "7.310"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc",
"version": "7.2"
}
],
"sources": [
{
"db": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
},
{
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"db": "BID",
"id": "92116"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"db": "NVD",
"id": "CVE-2016-5744"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5744"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sergey Temnikov and Vladimir Dashchenko, Critical Infrastructure Defence\nTeam, Kaspersky Lab.",
"sources": [
{
"db": "BID",
"id": "92116"
}
],
"trust": 0.3
},
"cve": "CVE-2016-5744",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-5744",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-05345",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-94563",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-5744",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-5744",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-05345",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201607-905",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-94563",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
},
{
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"db": "VULHUB",
"id": "VHN-94563"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"db": "NVD",
"id": "CVE-2016-5744"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers to read arbitrary WinCC station files via crafted packets. The SIMATIC WinCC (Windows Control Center) window control center is Siemens\u0027 process monitoring system, providing complete monitoring and data acquisition (SCADA) functions for the industrial sector. The SIMATIC WinCC presence file contains a vulnerability. \nSuccessful exploits may allow an attacker to read arbitrary files in the context of the user running the affected application. This may aid in further attacks. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). A security vulnerability exists in Siemens SIMATIC WinCC versions 7.0 to SP3 and 7.2",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5744"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"db": "BID",
"id": "92116"
},
{
"db": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
},
{
"db": "VULHUB",
"id": "VHN-94563"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-5744",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-378531",
"trust": 2.6
},
{
"db": "ICS CERT",
"id": "ICSA-16-208-01",
"trust": 2.2
},
{
"db": "BID",
"id": "92116",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1036441",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201607-905",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2016-05345",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096",
"trust": 0.8
},
{
"db": "IVD",
"id": "C953B84A-1100-47F7-A149-3E8BDFF937C4",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-94563",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
},
{
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"db": "VULHUB",
"id": "VHN-94563"
},
{
"db": "BID",
"id": "92116"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"db": "NVD",
"id": "CVE-2016-5744"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
]
},
"id": "VAR-201607-0466",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
},
{
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"db": "VULHUB",
"id": "VHN-94563"
}
],
"trust": 1.5491014650000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
},
{
"db": "CNVD",
"id": "CNVD-2016-05345"
}
]
},
"last_update_date": "2023-12-18T13:14:28.604000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-378531",
"trust": 0.8,
"url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf"
},
{
"title": "The SIMATIC WinCC presence file contains a patch for the vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/79587"
},
{
"title": "Siemens SIMATIC WinCC Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=63265"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-94563"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"db": "NVD",
"id": "CVE-2016-5744"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf"
},
{
"trust": 2.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-208-01"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/92116"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1036441"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5744"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5744"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"db": "VULHUB",
"id": "VHN-94563"
},
{
"db": "BID",
"id": "92116"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"db": "NVD",
"id": "CVE-2016-5744"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
},
{
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"db": "VULHUB",
"id": "VHN-94563"
},
{
"db": "BID",
"id": "92116"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"db": "NVD",
"id": "CVE-2016-5744"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-25T00:00:00",
"db": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
},
{
"date": "2016-07-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"date": "2016-07-22T00:00:00",
"db": "VULHUB",
"id": "VHN-94563"
},
{
"date": "2016-07-25T00:00:00",
"db": "BID",
"id": "92116"
},
{
"date": "2016-08-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"date": "2016-07-22T15:59:01.397000",
"db": "NVD",
"id": "CVE-2016-5744"
},
{
"date": "2016-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-94563"
},
{
"date": "2016-07-25T00:00:00",
"db": "BID",
"id": "92116"
},
{
"date": "2016-08-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"date": "2016-11-28T20:29:10.953000",
"db": "NVD",
"id": "CVE-2016-5744"
},
{
"date": "2016-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC In any WinCC Vulnerability in reading station files",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…