CVSS: 10.0EPSS: 3%CPEs: 12EXPL: 0CVE-2011-4513
https://notcve.org/view.php?id=CVE-2011-4513
03 Feb 2012 — Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file, related to the HMI web server and runtime loader. Siemens WinCC flexible 2004, 2005, 2007 y 2008; WinCC V11 (TIA portal); TP, OP, MP, Comfort Panels y Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced y Win... • http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf •
CVSS: 10.0EPSS: 0%CPEs: 12EXPL: 0CVE-2011-4514
https://notcve.org/view.php?id=CVE-2011-4514
03 Feb 2012 — The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not perform authentication, which makes it easier for remote attackers to obtain access via a TCP session. El demonio TELNET de Siemens WinCC flexible 2004, 2005, 2007 y 2008; WinCC V11 (TIA portal); TP, OP, MP, Comfort Panels y Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime A... • http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf • CWE-287: Improper Authentication •