RULE(RULE ID:310304)

Rule General Information
Release Date: 2016-02-22
Rule Name: Siemens SIMATIC Wincc Regreader Activex Control Buffer Overflow Vulnerability -3 (CVE-2013-0674)
Rule Protection Details
Description: Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to execute arbitrary code via a long parameter.
Impact: A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks include arbitrary code execution and denial of service.
Affected OS: Windows
Upgrade to version 7.1 to solve the problem.