CVE-2014-1697 Information

Description

The integrated web server in Siemens SIMATIC WinCC OA before 3.12 P002 January allows remote attackers to execute arbitrary code via crafted packets to TCP port 4999.

Reference

http://ics-cert.us-cert.gov/advisories/ICSA-14-035-01 http://osvdb.org/102810 http://secunia.com/advisories/56651 http://www.securityfocus.com/bid/65351 http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/90933