Detections
Analytics

Siemens WinCC and SIMATIC HMI Panels < 11.0.2.1 Header Injection

medium Nessus Network Monitor Plugin ID 720006

Synopsis

The HMI web server in Siemens WinCC and SIMATIC HMI panels is vulnerable to HTTP header injection.

Description

CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Solution

Perform vendor recommended mitigations and apply available vendor upgrades.

See Also

https://ics-cert.us-cert.gov/advisories/ICSA-12-030-01A,http://www.us-cert.gov/control_systems/pdf/ICSA-12-030-01.pdf,http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf

Plugin Details

Severity: Medium

ID: 720006

Family: SCADA

Published: 5/8/2019

Updated: 9/30/2019

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

Patch Publication Date: 4/18/2012

Vulnerability Publication Date: 4/18/2012

Reference Information

CVE: CVE-2011-4512