CVE-2014-8552
SIMATIC WinCC 7.0-7.3, PCS 7 7.1-8.1, TIA Portal 13 - Unauthenticated Arbitrary File Read
Title source: llmDescription
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf
Scores
EPSS
0.0012
EPSS Percentile
30.2%
Details
CWE
CWE-200
Status
published
Products (8)
siemens/simatic_pcs7
7.1 sp3 (2 CPE variants)
siemens/simatic_pcs7
8.0 sp1 (2 CPE variants)
siemens/simatic_pcs7
8.1
siemens/simatic_pcs_7
7.1 sp1
siemens/simatic_tiaportal
13.0 (3 CPE variants)
siemens/simatic_wincc
7.0 (4 CPE variants)
siemens/simatic_wincc
7.2 1 (8 CPE variants)
siemens/simatic_wincc
7.3 1
Published
Nov 26, 2014
Tracked Since
Feb 18, 2026