CVE-2011-4513

Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file, related to the HMI web server and runtime loader.

Published: Feb 3, 2012
Updated: Apr 13, 2023
CVE: CVE-2011-4513
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
siemens / wincc_flexible	2004	2004.x
siemens / wincc_flexible	2008	2008.x
siemens / wincc_flexible	2007	2007.x
siemens / wincc_flexible	2005	2005.x
siemens / wincc	11	11.x
siemens / simatic_hmi_panels	tp	tp.x
siemens / simatic_hmi_panels	op	op.x
siemens / simatic_hmi_panels	mobile_panels	mobile_panels.x
siemens / simatic_hmi_panels	comfort_panels	comfort_panels.x
siemens / simatic_hmi_panels	mp	mp.x
siemens / wincc_runtime_advanced	11	11.x
siemens / wincc_flexible_runtime	-	-

Vulnerability Database

289,784

CVE-2011-4513