Zero-day vulnerabilities discovered: 1
Improper input validation
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to improper input validation when processing packets sent to the WinCC server. A remote unauthenticated attacker can send a specially crafted packet and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
Note: this vulnerability has been exploited in targeted attacks.
The vulnerability has been exploited in targeted attacks involving BlackEnergy Trojan.
Software: Siemens SIMATIC WinCC
Known/fameous malware:
BlackEnergy