Wednesday, February 5, 2014

Fixes for SIMATIC WinCC Open Architecture (SSA-342587/ICSA-14-035-01)

Good news! The Large Hadron Collider more safe now! Published fixes for several vulnerabilies in SIMATIC WinCC OA all versions prior to 3.12 P002.

Preauth RCE CVE-2014-1697
Path Traversal CVE-2014-1698
Preauth DoS CVE-2014-1699
Weak password "encryption" CVE-2014-1696

Kudos Gleb Gritsai, Ilya Karpov, and Kirill Nesterov.


Fixes and info

http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf

https://ics-cert.us-cert.gov/advisories/ICSA-14-035-01

Enjoy

PS. It's all about slide 50 there
Posted by at
Labels: , ,
Location: Sochi, Krasnodar Krai, Russia

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)