The version of Siemens SIMATIC WinCC (TIA Portal) installed on the remote host is 13.x prior to 13 service pack 2 (1300.200.1001.1) or 14.x prior to 14 service pack 1 (1400.100.1201.1). It is, therefore, affected by multiple denial of service vulnerabilities :
A denial of service vulnerability exists due to improper handling of PROFINET DCP broadcast packets. A remote attacker can exploit this, via a specially crafted packet, to cause a denial of service condition.
(CVE-2017-6865)
A denial of service vulnerability exists in the DCOM interface due to improper handling of specially crafted messages. An authenticated, remote attacker who is a member of the ‘administrators’ group can exploit this, via a specially crafted message, to cause a denial of service condition. (CVE-2017-6867)
Binary data scada_siemens_tia_wincc_13SP2_14SP1.nbin
Vendor | Product | Version | CPE |
---|---|---|---|
siemens | simatic_tiaportal | cpe:/a:siemens:simatic_tiaportal | |
siemens | wincc | cpe:/a:siemens:wincc |