Heap-based buffer overflow in the Siemens WinCC Runtime Advanced Loader, as used in SIMATIC WinCC flexible Runtime and SIMATIC WinCC (TIA Portal) Runtime Advanced, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted packet to TCP port 2308.

Published : 2011-09-16 12:35 Updated : 2017-08-29 01:30

CVSS Score More info
Score 9.3 / 10
Vendor Product Version URI
Siemens Simatic Wincc Flexible Runtime cpe:/a:siemens:simatic_wincc_flexible_runtime
Siemens Simatic Wincc Runtime - cpe:/a:siemens:simatic_wincc_runtime:-::~~advanced~~~
  1. Siemens (2) Search CVE
    1. Simatic Wincc Runtime (1) Search CVE
      1. -
    2. Simatic Wincc Flexible Runtime (1) Search CVE


ID Name Description Links
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. CVE

History of changes

Date Event
2017-08-29 06:02
2011-09-16 12:35