CVE-2017-6867

Severity Score

4.9

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the "administrators" group to crash services by sending specially crafted messages to the DCOM interface.

Se detectó una vulnerabilidad en SIMATIC WinCC (versión V7.3 anterior a Upd 11 y versión V7.4 anterior a SP1), SIMATIC WinCC Runtime Professional (versión V13 anterior a SP2 y versión V14 anterior a SP1), SIMATIC WinCC (TIA Portal) Professional (versión V13 anterior a SP2 y versión V14 anterior a SP1) de Siemens, eso podría permitir a un atacante remoto autenticado, quien es miembro del grupo de los "administrators" bloquear los servicios enviando mensajes especialmente diseñados a la interfaz DCOM.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2017-03-13 CVE Reserved
2017-05-11 CVE Published
2024-08-05 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation
CWE-787: Out-of-bounds Write

CAPEC

References (3)

URL	Tag	Source
http://www.securityfocus.com/bid/98368	Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf	X_refsource_confirm

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf	2018-06-14

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Siemens Search vendor "Siemens"		Simatic Wincc Search vendor "Siemens" for product "Simatic Wincc"				7.3 Search vendor "Siemens" for product "Simatic Wincc" and version "7.3"		-		Affected
Siemens Search vendor "Siemens"		Simatic Wincc Search vendor "Siemens" for product "Simatic Wincc"				7.4 Search vendor "Siemens" for product "Simatic Wincc" and version "7.4"		-		Affected
Siemens Search vendor "Siemens"		Simatic Wincc \(tia Portal\) Search vendor "Siemens" for product "Simatic Wincc \(tia Portal\)"				13 Search vendor "Siemens" for product "Simatic Wincc \(tia Portal\)" and version "13"		sp1, professional		Affected
Siemens Search vendor "Siemens"		Simatic Wincc \(tia Portal\) Search vendor "Siemens" for product "Simatic Wincc \(tia Portal\)"				14 Search vendor "Siemens" for product "Simatic Wincc \(tia Portal\)" and version "14"		professional		Affected
Siemens Search vendor "Siemens"		Simatic Wincc Runtime Search vendor "Siemens" for product "Simatic Wincc Runtime"				13 Search vendor "Siemens" for product "Simatic Wincc Runtime" and version "13"		sp1, professional		Affected
Siemens Search vendor "Siemens"		Simatic Wincc Runtime Search vendor "Siemens" for product "Simatic Wincc Runtime"				14 Search vendor "Siemens" for product "Simatic Wincc Runtime" and version "14"		professional		Affected