PT-2013-35: Cross-Site Scripting in Siemens Simatic WinCC TIA Portal

Vulnerable software

Siemens Simatic WinCC TIA Portal
Version: 11.x

Application link:

Severity level

Severity level: Medium
Impact: Reflected Cross-Site Scripting
Access Vector: Remote  

CVSS v2:
Base Score: 4.3
Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVE: CVE-2013-0668

Software description

WinCC TIA Portal is part of a new, integrated engineering concept which offers a uniform engineering environment for programming and configuration of control, visualization and drive solutions.

Vulnerability description

The specialists of the Positive Research center have detected "Cross-Site Scripting" vulnerability in Siemens Simatic WinCC TIA Portal.

The HMI’s web application is susceptible to reflected Cross-Site-Scripting attacks. If a legitimate user clicks on a malicious link, JavaScript code may get executed and session information may be stolen.

How to fix

Update your software up to the latest version

Advisory status

21.09.2012 - Vendor gets vulnerability details
15.03.2013 - Vendor releases fixed version and details
29.03.2013 - Public disclosure


The vulnerability was discovered by Artem Chaykin, Positive Research Center (Positive Technologies Company)


Reports on the vulnerabilities previously discovered by Positive Research:

4G and 5G are not ready for smart cities