Sign-up

ID

VAR-201301-0374


CVE

CVE-2013-0656


TITLE

Siemens SIMATIC RF Manager ActiveX Control Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: 9c548dac-1f3c-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-00295

DESCRIPTION

Buffer overflow in a third-party ActiveX component in Siemens SIMATIC RF-MANAGER 2008, and RF-MANAGER Basic 3.0 and earlier, allows remote attackers to execute arbitrary code via a crafted web site. Siemens SIMATIC RF Manager is an RFID reader engineering and configuration tool. The Siemens SIMATIC RF Manager ActiveX control is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Siemens SIMATIC is an automation software with a single engineering environment. ---------------------------------------------------------------------- The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/ ---------------------------------------------------------------------- TITLE: Siemens SIMATIC RF Manager ActiveX Control Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA51845 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51845/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51845 RELEASE DATE: 2013-01-14 DISCUSS ADVISORY: http://secunia.com/advisories/51845/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/51845/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=51845 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Siemens SIMATIC RF Manager, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in an unspecified ActiveX control and can be exploited to cause a buffer overflow. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in RF-MANAGER 2008 and RF-MANAGER Basic versions 3.0 and prior. SOLUTION: Patch is available by contacting vendor support (see the vendor's advisory for more details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-099741.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.97

sources: NVD: CVE-2013-0656 // JVNDB: JVNDB-2013-001226 // CNVD: CNVD-2013-00295 // BID: 57324 // IVD: 9c548dac-1f3c-11e6-abef-000c29c66e3d // IVD: 2162b0f4-2353-11e6-abef-000c29c66e3d // VULHUB: VHN-60658 // PACKETSTORM: 119516

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.0

sources: IVD: 9c548dac-1f3c-11e6-abef-000c29c66e3d // IVD: 2162b0f4-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-00295

AFFECTED PRODUCTS

vendor:siemensmodel:simatic rf-managerscope:eqversion:2008

Trust: 1.6

vendor:siemensmodel:simatic rf-manager 2008scope:lteversion:3.0

Trust: 1.0

vendor:siemensmodel:simatic rf manager basicscope:eqversion:3.x

Trust: 0.8

vendor:siemensmodel:simatic rf-manager 2008scope: - version: -

Trust: 0.8

vendor:siemensmodel:simatic rf-manager basicscope:lteversion:3.0

Trust: 0.8

vendor:siemensmodel:simatic rf managerscope:eqversion:2008

Trust: 0.6

vendor:siemensmodel:simatic rf-manager 2008scope:eqversion:3.0

Trust: 0.6

vendor:siemensmodel:simatic rf manager basicscope:eqversion:3.0

Trust: 0.3

vendor:siemensmodel:simatic rf managerscope:eqversion:20080

Trust: 0.3

vendor:siemensmodel:simatic rf managerscope:eqversion:2008*

Trust: 0.2

vendor:simatic rf managermodel: - scope:eqversion:2008

Trust: 0.2

vendor:simatic rf manager 2008model: - scope:eqversion:*

Trust: 0.2

sources: IVD: 9c548dac-1f3c-11e6-abef-000c29c66e3d // IVD: 2162b0f4-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-00295 // BID: 57324 // JVNDB: JVNDB-2013-001226 // CNNVD: CNNVD-201301-401 // NVD: CVE-2013-0656

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-0656
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-0656
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201301-401
value: MEDIUM

Trust: 0.6

IVD: 9c548dac-1f3c-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: 2162b0f4-2353-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULHUB: VHN-60658
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-0656
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

IVD: 9c548dac-1f3c-11e6-abef-000c29c66e3d
severity: NONE
baseScore: NONE
vectorString: NONE
accessVector: NONE
accessComplexity: NONE
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: UNKNOWN

Trust: 0.2

IVD: 2162b0f4-2353-11e6-abef-000c29c66e3d
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-60658
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 9c548dac-1f3c-11e6-abef-000c29c66e3d // IVD: 2162b0f4-2353-11e6-abef-000c29c66e3d // VULHUB: VHN-60658 // JVNDB: JVNDB-2013-001226 // CNNVD: CNNVD-201301-401 // NVD: CVE-2013-0656

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-60658 // JVNDB: JVNDB-2013-001226 // NVD: CVE-2013-0656

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201301-401

TYPE

Buffer overflow

Trust: 1.0

sources: IVD: 9c548dac-1f3c-11e6-abef-000c29c66e3d // IVD: 2162b0f4-2353-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201301-401

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-001226

PATCH
title:Top Pageurl:http://www.siemens.com/entry/cc/en/
Trust: 0.8
title:SSA-099471: Buffer overflow in Simatic RF Managerurl:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-099741.pdf
Trust: 0.8
title:シーメンスソリューションパートナーurl:http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx
Trust: 0.8
title:シーメンス・ジャパン株式会社url:http://www.siemens.com/answers/jp/ja/
Trust: 0.8
title:Patch for the Siemens SIMATIC RF Manager ActiveX Control Buffer Overflow Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/29256
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2013-00295 // 
            
            
            
            JVNDB: JVNDB-2013-001226

EXTERNAL IDS
db:NVDid:CVE-2013-0656
Trust: 3.0
db:ICS CERTid:ICSA-13-014-01
Trust: 2.8
db:SIEMENSid:SSA-099741
Trust: 2.7
db:CNNVDid:CNNVD-201301-401
Trust: 0.9
db:CNVDid:CNVD-2013-00295
Trust: 0.8
db:JVNDBid:JVNDB-2013-001226
Trust: 0.8
db:BIDid:57324
Trust: 0.4
db:IVDid:9C548DAC-1F3C-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:IVDid:2162B0F4-2353-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:SECUNIAid:51845
Trust: 0.2
db:VULHUBid:VHN-60658
Trust: 0.1
db:PACKETSTORMid:119516
Trust: 0.1
sources:
            
            
            IVD: 9c548dac-1f3c-11e6-abef-000c29c66e3d // 
            
            
            
            IVD: 2162b0f4-2353-11e6-abef-000c29c66e3d // 
            
            
            
            CNVD: CNVD-2013-00295 // 
            
            
            
            VULHUB: VHN-60658 // 
            
            
            
            BID: 57324 // 
            
            
            
            JVNDB: JVNDB-2013-001226 // 
            
            
            
            PACKETSTORM: 119516 // 
            
            
            
            CNNVD: CNNVD-201301-401 // 
            
            
            
            NVD: CVE-2013-0656

REFERENCES
url:http://www.us-cert.gov/control_systems/pdf/icsa-13-014-01.pdf
Trust: 2.8
url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-099741.pdf
Trust: 2.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0656
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0656
Trust: 0.8
url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-099741.pdfhttp
Trust: 0.6
url:http://support.automation.siemens.com/ww/llisapi.dll?func=cslib.csinfo&lang=en&objid=66829257&caller=view
Trust: 0.3
url:http://www.siemens.com/
Trust: 0.3
url:http://secunia.com/vulnerability_intelligence/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/advisories/51845/#comments
Trust: 0.1
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=51845
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/personal/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/blog/325/
Trust: 0.1
url:http://secunia.com/advisories/51845/
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2013-00295 // 
            
            
            
            VULHUB: VHN-60658 // 
            
            
            
            BID: 57324 // 
            
            
            
            JVNDB: JVNDB-2013-001226 // 
            
            
            
            PACKETSTORM: 119516 // 
            
            
            
            CNNVD: CNNVD-201301-401 // 
            
            
            
            NVD: CVE-2013-0656

CREDITS
Reported by the vendor.
Trust: 0.3
sources:
            
            
            BID: 57324

SOURCES
db:IVDid:9c548dac-1f3c-11e6-abef-000c29c66e3d
db:IVDid:2162b0f4-2353-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2013-00295
db:VULHUBid:VHN-60658
db:BIDid:57324
db:JVNDBid:JVNDB-2013-001226
db:PACKETSTORMid:119516
db:CNNVDid:CNNVD-201301-401
db:NVDid:CVE-2013-0656

LAST UPDATE DATE
2025-04-11T23:16:38.616000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2013-00295date:2013-05-28T00:00:00
db:VULHUBid:VHN-60658date:2013-01-22T00:00:00
db:BIDid:57324date:2013-01-11T00:00:00
db:JVNDBid:JVNDB-2013-001226date:2013-01-23T00:00:00
db:CNNVDid:CNNVD-201301-401date:2013-01-22T00:00:00
db:NVDid:CVE-2013-0656date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:IVDid:9c548dac-1f3c-11e6-abef-000c29c66e3ddate:2013-01-17T00:00:00
db:IVDid:2162b0f4-2353-11e6-abef-000c29c66e3ddate:2013-01-22T00:00:00
db:CNVDid:CNVD-2013-00295date:2013-01-17T00:00:00
db:VULHUBid:VHN-60658date:2013-01-21T00:00:00
db:BIDid:57324date:2013-01-11T00:00:00
db:JVNDBid:JVNDB-2013-001226date:2013-01-23T00:00:00
db:PACKETSTORMid:119516date:2013-01-14T06:30:10
db:CNNVDid:CNNVD-201301-401date:2013-01-22T00:00:00
db:NVDid:CVE-2013-0656date:2013-01-21T21:55:01.230