CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
92.4%
Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets.
Vendor | Product | Version | CPE |
---|---|---|---|
siemens | simatic_batch | * | cpe:2.3:a:siemens:simatic_batch:*:*:*:*:*:*:*:* |
siemens | simatic_wincc | * | cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:* |
siemens | simatic_pcs_7 | * | cpe:2.3:a:siemens:simatic_pcs_7:*:sp1:*:*:*:*:*:* |
siemens | simatic_openpcs_7 | * | cpe:2.3:a:siemens:simatic_openpcs_7:*:*:*:*:*:*:*:* |
siemens | simatic_pcs_7 | * | cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:* |
siemens | simatic_wincc_runtime_professional | * | cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:sp1:*:*:*:*:*:* |
More
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
92.4%