WHAT IS WINCC SYSTEMS PATCH
Siemens currently has no plans to patch this vulnerability.
This vulnerability requires a basic skill level to exploit. No publicly available exploits are known to specifically target this vulnerability. This vulnerability is remotely exploitable if a system has been configured with the WinCC flexible Runtime Loader and WinCC (TIA Portal) Runtime Advanced Loader enabled. MITRE has assigned number CVE-2011-3321 to this vulnerability. Remote code execution may also be possible. A specially crafted packet can result in memory corruption, leading to a denial of service. The runtime loader does not properly sanitize inputs on 2308/TCP. Vulnerability Characterization Vulnerability Overview
WHAT IS WINCC SYSTEMS SOFTWARE
This software is used in many industries, including: food and beverage, water and wastewater, oil and gas, and chemical. These products run on standard PCs or on Siemens panel PCs. Siemens SIMATIC WinCC flexible and WinCC (TIA Portal) Runtime Advanced is a software package used for visualization and machine or small system operations. ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their environment, architecture, and product implementation. Impact to individual organizations depends on many factors that are unique to each organization. Successful exploitation of this vulnerability may result in the ability to execute arbitrary code on the targeted human-machine interface system. Siemens SIMATIC WinCC (TIA Portal) Runtime Advanced.Affected ProductsĪccording to Siemens, the following software packages are vulnerable:
However, Siemens has provided recommended mitigations to assist asset owners with protecting their systems. Siemens has not issued a patch to address this vulnerability.
ICS-CERT has coordinated with Siemens and the researchers. Independent security researchers Billy Rios and Terry McCorkle have reported a memory corruption vulnerability in the WinCC Runtime Advanced Loader, which is a component of both Siemens SIMATIC WinCC flexible and TIA Portal.
WHAT IS WINCC SYSTEMS INSTALL
This web page release was delayed to allow users sufficient time to download and install the update. ICS-CERT originally released Advisory ICSA-11-244-01P on the US-CERT secure Portal on September 01, 2011.