Thursday, August 1, 2013

SSA-064884: WinCC/TIA Portal fixes



Siemens updates WinCC SCADA and TIA Portal to fix two minor issues in HMI panels discovered by our team:

  • CVE-2013-4911: CSRF (Cross-site request forgery) attacks, compromising integrity and availability of the system
  • CVE-2013-4912: URL redirection to untrusted websites

Thanks for Timur Yunusov and Sergey Bobrov for research and thanks for Siemens Product CERT for fix and collaboration.

Details

Siemens SSA-064884:


ICS-CERT ICSA-13-213-02:https://ics-cert.us-cert.gov/advisories/ICSA-13-213-02

Enjoy

1 comment:

  1. Hello Everybody,
    My name is Mrs Sharon Sim. I live in Singapore and i am a happy woman today? and i told my self that any lender that rescue my family from our poor situation, i will refer any person that is looking for loan to him, he gave me happiness to me and my family, i was in need of a loan of $250,000.00 to start my life all over as i am a single mother with 3 kids I met this honest and GOD fearing man loan lender that help me with a loan of $250,000.00 SG. Dollar, he is a GOD fearing man, if you are in need of loan and you will pay back the loan please contact him tell him that is Mrs Sharon, that refer you to him. contact Dr Purva Pius, call/whats-App Contact Number +918929509036 via email:(urgentloan22@gmail.com) Thank you.

    ReplyDelete