VDB
CVE-2017-14023
CVE-2017-14023
PUBLISHED
CVSS 4 MEDIUM
An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been identified, which may allow an authenticated remote attacker who is a member of the administrators group to crash services by sending specially crafted messages to the DCOM interface.
EPSS 2.77% · 86.3th percentile
Risk Scores
CVSS 2.0
4
EPSS Score
2.77%
86.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| siemens | simatic_wincc | 7.3 |
| n/a | Siemens SIMATIC PCS 7 | Siemens SIMATIC PCS 7 |
| siemens | simatic_pcs7 | 8.2, 8.1 |
Exploit Intelligence
- https://ics-cert.us-cert.gov/advisories/ICSA-17-306-01 (circl)
- 1039729 (circl)
- 101680 (circl)
Timeline
- Aug 31, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 11, 2023 EPSS Score