CVE-2013-0674 Information

Description

Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2 as used in SIMATIC PCS7 before 8.0 SP1 and other products allows remote attackers to execute arbitrary code via a long parameter.

Reference

http://ics-cert.us-cert.gov/pdf/ICSA-13-079-02.pdf http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf