{"containers": {"cna": {"affected": [{"product": "Siemens SIMATIC WinCC", "vendor": "n/a", "versions": [{"status": "affected", "version": "Siemens SIMATIC WinCC"}]}], "datePublic": "2017-05-10T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the \"administrators\" group to crash services by sending specially crafted messages to the DCOM interface."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-06-13T09:57:01.000Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens"}, "references": [{"name": "98368", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/98368"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "productcert@siemens.com", "ID": "CVE-2017-6867", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Siemens SIMATIC WinCC", "version": {"version_data": [{"version_value": "Siemens SIMATIC WinCC"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the \"administrators\" group to crash services by sending specially crafted messages to the DCOM interface."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-787: Out-of-bounds Write"}]}]}, "references": {"reference_data": [{"name": "98368", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98368"}, {"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf"}, {"name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf", "refsource": "CONFIRM", "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T15:41:17.675Z"}, "title": "CVE Program Container", "references": [{"name": "98368", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/98368"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2017-6867", "datePublished": "2017-05-11T10:00:00.000Z", "dateReserved": "2017-03-13T00:00:00.000Z", "dateUpdated": "2024-08-05T15:41:17.675Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "8D6229A2-9B8E-4F76-8425-589D2CE58B16", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "F64B795A-7E66-49AE-BE40-E8EEAC12D280", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):13:sp1:*:*:professional:*:*:*", "matchCriteriaId": "F8FA6B17-FA61-44FC-BAA7-AAC63ECBD996", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):14:*:*:*:professional:*:*:*", "matchCriteriaId": "B0E21465-76ED-4803-A40A-539500B993F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:13:sp1:*:*:professional:*:*:*", "matchCriteriaId": "57CE0216-AA81-416B-88D2-3321D2A2A16D", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:14:*:*:*:professional:*:*:*", "matchCriteriaId": "D8893E54-CF26-448A-9C32-90E5F8D8CC84", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the \"administrators\" group to crash services by sending specially crafted messages to the DCOM interface."}, {"lang": "es", "value": "Se detect\u00f3 una vulnerabilidad en SIMATIC WinCC (versi\u00f3n V7.3 anterior a Upd 11 y versi\u00f3n V7.4 anterior a SP1), SIMATIC WinCC Runtime Professional (versi\u00f3n V13 anterior a SP2 y versi\u00f3n V14 anterior a SP1), SIMATIC WinCC (TIA Portal) Professional (versi\u00f3n V13 anterior a SP2 y versi\u00f3n V14 anterior a SP1) de Siemens, eso podr\u00eda permitir a un atacante remoto autenticado, quien es miembro del grupo de los \"administrators\" bloquear los servicios enviando mensajes especialmente dise\u00f1ados a la interfaz DCOM."}], "id": "CVE-2017-6867", "lastModified": "2026-05-13T00:24:29.033", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-05-11T10:29:00.260", "references": [{"source": "productcert@siemens.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/98368"}, {"source": "productcert@siemens.com", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf"}, {"source": "productcert@siemens.com", "tags": ["Vendor Advisory"], "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/98368"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "productcert@siemens.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}