Siemens WinCC Flexible Multiple Vulnerabilities
November 29, 2011 (Updated December 2, 2011)
Security researcher Luigi Auriemma has publically disclosed
vulnerabilities that affect the Siemens WinCC Flexible
application.
The reported vulnerabilities affect WinCC Flexible Runtime
Loader (HmiLoad.exe), a component of Siemens SIMATIC WinCC
Flexible 2008. When the Runtime Loader is running in
Transfer mode, it might be possible to remotely exploit the
vulnerabilities via port 2308/tcp.
Attackers can exploit these issues to execute arbitrary code
in the context of the affected application, read/write or
delete arbitrary files outside of the server root directory,
or cause denial-of-service conditions; other attacks may
also be possible.