virus logo Intrusion Prevention

Siemens.SIMATIC.WinCC.Flexible.Runtime.Stack.Buffer.Overflow

description-logoDescription

This indicates an attack attempt against a Buffer Overflow vulnerability in Siemens SIMATIC WinCC Flexible Runtime.
The vulnerability is caused because the vulnerable application fails to perform adequate bounds checking on user-supplied data. A remote attacker can exploit this vulnerability by sending a malicious request. Successful attacks may allow the attacker to execute arbitrary code in the security context of the affected application.

affected-products-logoAffected Products

Siemens SIMATIC WinCC flexible Runtime 2008 SP2 update 13 and prior.

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are not aware of any vendor-supplied patches.
Restrict access to trusted hosts only.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

https://portal.telussecuritylabs.com/threat/TSL20111201-01
ID 30523
Created Dec 22, 2011
Updated Jan 17, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Windows
Affected App SCADA