Wednesday, March 20, 2013

WinCC vulnerabilities: fresh meat


New vulnerabilities/fixes in Siemens WinCC 7.0 SP3 Update 1

CVE-2013-0678/ MISSING ENCRYPTION OF SENSITIVE DATA
CVE-2013-0676 IMPROPER AUTHORIZATION
CVE-2013-0677  XXE OOB in project files
CVE-2013-0679 RELATIVE PATH TRAVERSAL
CVE-2013-0674, CVE-2013-0675 BUFFER OVERFLOW

+ lot of good stuff for WinCC Flexible in TIA Portal V11.

More details @infiltratecon and @phdays.

Thanks to Gleb Gritsai, Sergey Bobrov, Roman Ilin, Artem Chaykin, Timur Yunusov, Ilya Karpov, Alexey Osipov, Sergey Gordeychik, Dmitry Nagibin and Siemens CERT/Product team. 

SSA-212483
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf

SSA-714398
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf

ICSA-13-079-02
http://ics-cert.us-cert.gov/pdf/ICSA-13-079-02.pdf

Enjoy!

PS. Exploits for WinCC? No way! This is Out Of Band.

1 comment:

  1. Hello Everybody,
    My name is Mrs Sharon Sim. I live in Singapore and i am a happy woman today? and i told my self that any lender that rescue my family from our poor situation, i will refer any person that is looking for loan to him, he gave me happiness to me and my family, i was in need of a loan of $250,000.00 to start my life all over as i am a single mother with 3 kids I met this honest and GOD fearing man loan lender that help me with a loan of $250,000.00 SG. Dollar, he is a GOD fearing man, if you are in need of loan and you will pay back the loan please contact him tell him that is Mrs Sharon, that refer you to him. contact Dr Purva Pius, call/whats-App Contact Number +918929509036 via email:(urgentloan22@gmail.com) Thank you.

    ReplyDelete