CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-0677

The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to obtain sensitive information or cause a denial of service via a crafted project file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 62.7%

CVSS Severity

CVSS v2 Score 5.8

References

http://ics-cert.us-cert.gov/pdf/ICSA-13-079-02.pdf
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf
http://ics-cert.us-cert.gov/pdf/ICSA-13-079-02.pdf
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-714398.pdf

Products affected by CVE-2013-0677

Siemens » Simatic Pcs7 » Version: 7.1

cpe:2.3:a:siemens:simatic_pcs7:7.1
Siemens » Simatic Pcs7 » Version: 8.0

cpe:2.3:a:siemens:simatic_pcs7:8.0
Siemens » Wincc » Version: 5.0

cpe:2.3:a:siemens:wincc:5.0
Siemens » Wincc » Version: 6.0

cpe:2.3:a:siemens:wincc:6.0
Siemens » Wincc » Version: 7.0

cpe:2.3:a:siemens:wincc:7.0
Siemens » Wincc » Version: 7.1

cpe:2.3:a:siemens:wincc:7.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-0677

Products

Pricing

Contact Us