PT-2013-33: CRLF Injection in Siemens Simatic WinCC TIA Portal
Siemens Simatic WinCC TIA Portal
Severity level: Medium
Impact: HTTP response splitting
Access Vector: Remote
Base Score: 4.3
WinCC TIA Portal is part of a new, integrated engineering concept which offers a uniform engineering environment for programming and configuration of control, visualization and drive solutions.
The specialists of the Positive Research center have detected "CRLF Injection" vulnerability in Siemens Simatic WinCC TIA Portal.
If a user clicks on a malicious link which seems to lead to a HMI web application, it is possible to display any data to the user (HTTP response splitting).
How to fix
Update your software up to the latest version
21.09.2012 - Vendor gets vulnerability details
15.03.2013 - Vendor releases fixed version and details
29.03.2013 - Public disclosure
The vulnerability was discovered by Artem Chaykin, Positive Research Center (Positive Technologies Company)
Reports on the vulnerabilities previously discovered by Positive Research: