CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-4875

Stack-based buffer overflow in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to execute arbitrary code via vectors related to Unicode strings.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.41

EPSS Ranking 97.2%

CVSS Severity

CVSS v2 Score 9.3

References

Products affected by CVE-2011-4875

Siemens » Simatic Hmi Panels » Version: comfort_panels

cpe:2.3:a:siemens:simatic_hmi_panels:comfort_panels
Siemens » Simatic Hmi Panels » Version: mobile_panels

cpe:2.3:a:siemens:simatic_hmi_panels:mobile_panels
Siemens » Simatic Hmi Panels » Version: mp

cpe:2.3:a:siemens:simatic_hmi_panels:mp
Siemens » Simatic Hmi Panels » Version: op

cpe:2.3:a:siemens:simatic_hmi_panels:op
Siemens » Simatic Hmi Panels » Version: tp

cpe:2.3:a:siemens:simatic_hmi_panels:tp
Siemens » Wincc » Version: v11

cpe:2.3:a:siemens:wincc:v11
Siemens » Wincc Flexible » Version: 2004

cpe:2.3:a:siemens:wincc_flexible:2004
Siemens » Wincc Flexible » Version: 2005

cpe:2.3:a:siemens:wincc_flexible:2005
Siemens » Wincc Flexible » Version: 2007

cpe:2.3:a:siemens:wincc_flexible:2007
Siemens » Wincc Flexible » Version: 2008

cpe:2.3:a:siemens:wincc_flexible:2008
Siemens » Wincc Flexible Runtime » Version: Any

cpe:2.3:a:siemens:wincc_flexible_runtime:*
Siemens » Wincc Runtime Advanced » Version: v11

cpe:2.3:a:siemens:wincc_runtime_advanced:v11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-4875

Products

Pricing

Contact Us