Improper input validation in Siemens Wincc

CVE-2015-2822

Siemens SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2 and SIMATIC WinCC Runtime Advanced before WinCC (TIA Portal) 13 SP1 Upd2 allow man-in-the-middle attackers to cause a denial of service via crafted packets on TCP por…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.006 (69.9th percentile) — read the EPSS interpretation.

Affected products

Siemens Wincc
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

74028 (vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM)