← Back

CVE-2016-5743

nvd nist
Published: Jul 22, 2016Modified: May 6, 2026

JSON object

Loading...
9.8
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets.

Affected (5)

Siemens
3 products
Simatic Batch
Simatic Wincc
Simatic Openpcs 7
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Simatic Batch
Up to 7.1
Siemens
Simatic Wincc
Up to 7.3
Simatic Wincc
Up to 7.4
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Simatic Openpcs 7
Up to 8.1
Running on/withPlatform Versions
Siemens
Simatic Pcs 7
Up to 8.1
Configuration C
1 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
Simatic Openpcs 7
Up to 8.2
Running on/withPlatform Versions
Siemens
Simatic Pcs 7
Up to 8.2
Siemens
Simatic Wincc Runtime Professional
Up to 13

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (8)

Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
MitigationVendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.