Multiple Siemens Products CVE-2017-12069 XML External Entity Injection Vulnerability

Bugtraq ID: 100559
Class: Input Validation Error
CVE: CVE-2017-12069
Remote: Yes
Local: No
Published: Aug 31 2017 12:00AM
Updated: Oct 12 2018 04:00AM
Credit: Sergey Temnikov of Kaspersky Lab.
Vulnerable: Siemens SIMATIC WinCC Runtime Professional 14
Siemens SIMATIC WinCC Runtime Professional 13
Siemens SIMATIC WinCC 7.4
Siemens SIMATIC WinCC 7.3
Siemens SIMATIC WinCC 7.2
Siemens SIMATIC WinCC 7.0
Siemens SIMATIC PCS 7 8.1
Siemens SIMATIC PCS 7 8.0
Siemens SIMATIC PCS 7 7.1
Siemens SIMATIC NET PC-Software 14
Siemens SIMATIC NET PC-Software 13 SP2
Siemens SIMATIC NET PC-Software 13 HF1
Siemens SIMATIC NET PC-Software 13
Siemens SIMATIC NET PC-Software 12 SP2 HF3
Siemens SIMATIC NET PC-Software 12
Siemens SIMATIC IT Production Suite 0
SAP Plant Connectivity 15.0
Not Vulnerable: Siemens SIMATIC WinCC Runtime Professional 14 SP1
Siemens SIMATIC WinCC 7.4 SP1


 

Privacy Statement
Copyright 2010, SecurityFocus