Unrated severityNVD Advisory· Published Sep 16, 2011· Updated Apr 29, 2026

CVE-2011-3321

Description

Heap-based buffer overflow in the Siemens WinCC Runtime Advanced Loader, as used in SIMATIC WinCC flexible Runtime and SIMATIC WinCC (TIA Portal) Runtime Advanced, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted packet to TCP port 2308.

Affected products

Siemens Foundation/Simatic Wincc Flexible Runtime
cpe:2.3:a:siemens:simatic_wincc_flexible_runtime:*:*:*:*:*:*:*:*
Siemens Foundation/Simatic Wincc Runtime
cpe:2.3:a:siemens:simatic_wincc_runtime:-:*:*:*:advanced:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/46011nvdVendor Advisory
www.us-cert.gov/control_systems/pdf/ICSA-11-244-01.pdfnvdUS Government Resource
cache.automation.siemens.com/dnl/jI/jI0NDY5AAAA_29054992_FAQ/Siemens_Security_Advisory_SSA-460621_V1_2.pdfnvd
support.automation.siemens.com/WW/view/en/29054992nvd
exchange.xforce.ibmcloud.com/vulnerabilities/69803nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000