var-201607-0466
Vulnerability from variot
Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers to read arbitrary WinCC station files via crafted packets. The SIMATIC WinCC (Windows Control Center) window control center is Siemens' process monitoring system, providing complete monitoring and data acquisition (SCADA) functions for the industrial sector. The SIMATIC WinCC presence file contains a vulnerability. Successful exploits may allow an attacker to read arbitrary files in the context of the user running the affected application. This may aid in further attacks. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). A security vulnerability exists in Siemens SIMATIC WinCC versions 7.0 to SP3 and 7.2
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201607-0466",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic wincc",
"scope": "eq",
"trust": 3.3,
"vendor": "siemens",
"version": "7.2"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 2.5,
"vendor": "siemens",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "simatic wincc",
"version": "7.0"
},
{
"model": "simatic wincc",
"scope": "eq",
"trust": 0.8,
"vendor": "siemens",
"version": "7.0 sp3 for up to 7.0"
},
{
"model": "simatic wincc update",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "7.41"
},
{
"model": "simatic wincc update",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "7.310"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic wincc",
"version": "7.2"
}
],
"sources": [
{
"db": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
},
{
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"db": "BID",
"id": "92116"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"db": "NVD",
"id": "CVE-2016-5744"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.0:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5744"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sergey Temnikov and Vladimir Dashchenko, Critical Infrastructure Defence\nTeam, Kaspersky Lab.",
"sources": [
{
"db": "BID",
"id": "92116"
}
],
"trust": 0.3
},
"cve": "CVE-2016-5744",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-5744",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-05345",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-94563",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-5744",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-5744",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-05345",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201607-905",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-94563",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
},
{
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"db": "VULHUB",
"id": "VHN-94563"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"db": "NVD",
"id": "CVE-2016-5744"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers to read arbitrary WinCC station files via crafted packets. The SIMATIC WinCC (Windows Control Center) window control center is Siemens\u0027 process monitoring system, providing complete monitoring and data acquisition (SCADA) functions for the industrial sector. The SIMATIC WinCC presence file contains a vulnerability. \nSuccessful exploits may allow an attacker to read arbitrary files in the context of the user running the affected application. This may aid in further attacks. Siemens SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system of German Siemens (Siemens). A security vulnerability exists in Siemens SIMATIC WinCC versions 7.0 to SP3 and 7.2",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5744"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"db": "BID",
"id": "92116"
},
{
"db": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
},
{
"db": "VULHUB",
"id": "VHN-94563"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-5744",
"trust": 3.6
},
{
"db": "SIEMENS",
"id": "SSA-378531",
"trust": 2.6
},
{
"db": "ICS CERT",
"id": "ICSA-16-208-01",
"trust": 2.2
},
{
"db": "BID",
"id": "92116",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1036441",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201607-905",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2016-05345",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096",
"trust": 0.8
},
{
"db": "IVD",
"id": "C953B84A-1100-47F7-A149-3E8BDFF937C4",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-94563",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
},
{
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"db": "VULHUB",
"id": "VHN-94563"
},
{
"db": "BID",
"id": "92116"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"db": "NVD",
"id": "CVE-2016-5744"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
]
},
"id": "VAR-201607-0466",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
},
{
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"db": "VULHUB",
"id": "VHN-94563"
}
],
"trust": 1.5491014650000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
},
{
"db": "CNVD",
"id": "CNVD-2016-05345"
}
]
},
"last_update_date": "2023-12-18T13:14:28.604000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-378531",
"trust": 0.8,
"url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf"
},
{
"title": "The SIMATIC WinCC presence file contains a patch for the vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/79587"
},
{
"title": "Siemens SIMATIC WinCC Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=63265"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-94563"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"db": "NVD",
"id": "CVE-2016-5744"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf"
},
{
"trust": 2.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-208-01"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/92116"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1036441"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5744"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5744"
},
{
"trust": 0.3,
"url": "http://subscriber.communications.siemens.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"db": "VULHUB",
"id": "VHN-94563"
},
{
"db": "BID",
"id": "92116"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"db": "NVD",
"id": "CVE-2016-5744"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
},
{
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"db": "VULHUB",
"id": "VHN-94563"
},
{
"db": "BID",
"id": "92116"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"db": "NVD",
"id": "CVE-2016-5744"
},
{
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-25T00:00:00",
"db": "IVD",
"id": "c953b84a-1100-47f7-a149-3e8bdff937c4"
},
{
"date": "2016-07-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"date": "2016-07-22T00:00:00",
"db": "VULHUB",
"id": "VHN-94563"
},
{
"date": "2016-07-25T00:00:00",
"db": "BID",
"id": "92116"
},
{
"date": "2016-08-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"date": "2016-07-22T15:59:01.397000",
"db": "NVD",
"id": "CVE-2016-5744"
},
{
"date": "2016-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-05345"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-94563"
},
{
"date": "2016-07-25T00:00:00",
"db": "BID",
"id": "92116"
},
{
"date": "2016-08-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004096"
},
{
"date": "2016-11-28T20:29:10.953000",
"db": "NVD",
"id": "CVE-2016-5744"
},
{
"date": "2016-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC WinCC In any WinCC Vulnerability in reading station files",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004096"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201607-905"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.