Monday, February 16, 2015

Siemens SIMATIC TIA Portal (Step 7/WinCC) fixes

New vulnerabilities from out team and new patches from Siemens

CVE-2015-1358 and CVE-2014-4686 are all abut VNC code reuse.

CVE-2015-1355 and CVE-2015-1356 we can’t name vulnerabilities. Local weaknesses, defects in security feature implementations… But it fixed, thanks Siemens.



Kudos: Gleb Gritsai, Roman Ilin, Aleksandr Tlyapov, Aleksandr Timorin and Sergey Gordeychik

Details:
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-234789.pdf

http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-543623.pdf 

Enjoy


No comments:

Post a Comment