1 results (0.001 seconds)
CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0
CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0CVE-2017-12069
https://notcve.org/view.php?id=CVE-2017-12069
30 Aug 2017 — An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system t... • http://www.securityfocus.com/bid/100559 • CWE-611: Improper Restriction of XML External Entity Reference •