CVE-2016-9160
N/A
N/A
Summary
A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) | SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) | affected |
Weaknesses
- CWE-111: CWE-111: Direct Use of Unsafe JNI
ADP Enrichment
CVE Program Container
Additional References
- http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf
- http://www.securitytracker.com/id/1037435
- https://ics-cert.us-cert.gov/advisories/ICSA-16-348-04
- http://www.securityfocus.com/bid/94825
References
- http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf
- http://www.securitytracker.com/id/1037435
- https://ics-cert.us-cert.gov/advisories/ICSA-16-348-04
- http://www.securityfocus.com/bid/94825
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.