CVE-2011-4514 : The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comf

The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not perform authentication, which makes it easier for remote attackers to obtain access via a TCP session.

Published 2012-02-03 20:55:02

Updated 2012-02-06 05:00:00

Source CERT/CC

View at NVD, CVE.org

Vulnerability category: BypassGain privilege

Exploit prediction scoring system (EPSS) score for CVE-2011-4514

Probability of exploitation activity in the next 30 days: 0.32%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 70 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2011-4514

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2011-4514

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2011-4514

http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf

Vendor Advisory

CVEs referencing this url
http://www.us-cert.gov/control_systems/pdf/ICSA-12-030-01.pdf

404 - File Not Found | CISA
US Government Resource

CVEs referencing this url

Products affected by CVE-2011-4514

Siemens » Wincc Flexible » Version: 2004
cpe:2.3:a:siemens:wincc_flexible:2004:*:*:*:*:*:*:*
Matching versions
Siemens » Wincc Flexible » Version: 2005
cpe:2.3:a:siemens:wincc_flexible:2005:*:*:*:*:*:*:*
Matching versions
Siemens » Wincc Flexible » Version: 2007
cpe:2.3:a:siemens:wincc_flexible:2007:*:*:*:*:*:*:*
Matching versions
Siemens » Wincc Flexible » Version: 2008
cpe:2.3:a:siemens:wincc_flexible:2008:*:*:*:*:*:*:*
Matching versions
Siemens » Wincc » Version: V11
cpe:2.3:a:siemens:wincc:v11:*:*:*:*:*:*:*
Matching versions
Siemens » Simatic Hmi Panels » Version: OP
cpe:2.3:a:siemens:simatic_hmi_panels:op:*:*:*:*:*:*:*
Matching versions
Siemens » Simatic Hmi Panels » Version: Comfort Panels
cpe:2.3:a:siemens:simatic_hmi_panels:comfort_panels:*:*:*:*:*:*:*
Matching versions
Siemens » Simatic Hmi Panels » Version: TP
cpe:2.3:a:siemens:simatic_hmi_panels:tp:*:*:*:*:*:*:*
Matching versions
Siemens » Simatic Hmi Panels » Version: MP
cpe:2.3:a:siemens:simatic_hmi_panels:mp:*:*:*:*:*:*:*
Matching versions
Siemens » Simatic Hmi Panels » Version: Mobile Panels
cpe:2.3:a:siemens:simatic_hmi_panels:mobile_panels:*:*:*:*:*:*:*
Matching versions
Siemens » Wincc Runtime Advanced » Version: V11
cpe:2.3:a:siemens:wincc_runtime_advanced:v11:*:*:*:*:*:*:*
Matching versions
Siemens » Wincc Flexible Runtime
cpe:2.3:a:siemens:wincc_flexible_runtime:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2011-4514

Exploit prediction scoring system (EPSS) score for CVE-2011-4514

CVSS scores for CVE-2011-4514

CWE ids for CVE-2011-4514

References for CVE-2011-4514

Products affected by CVE-2011-4514