Unrated severityNVD Advisory· Published Feb 3, 2012· Updated Apr 29, 2026

CVE-2011-4513

Description

Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file, related to the HMI web server and runtime loader.

Affected products

Siemens Foundation/Simatic Hmi Panels5 versions
cpe:2.3:a:siemens:simatic_hmi_panels:comfort_panels:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:siemens:simatic_hmi_panels:comfort_panels:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:simatic_hmi_panels:mobile_panels:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:simatic_hmi_panels:mp:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:simatic_hmi_panels:op:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:simatic_hmi_panels:tp:*:*:*:*:*:*:*
Siemens Foundation/Wincc Flexible4 versions
cpe:2.3:a:siemens:wincc_flexible:2004:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:siemens:wincc_flexible:2004:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:wincc_flexible:2005:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:wincc_flexible:2007:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:wincc_flexible:2008:*:*:*:*:*:*:*
Siemens Foundation/Wincc Flexible Runtime
cpe:2.3:a:siemens:wincc_flexible_runtime:*:*:*:*:*:*:*:*
Siemens Foundation/Wincc Runtime Advanced
cpe:2.3:a:siemens:wincc_runtime_advanced:v11:*:*:*:*:*:*:*
Siemens Foundation/Wincc
cpe:2.3:a:siemens:wincc:v11:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdfnvdVendor Advisory
www.us-cert.gov/control_systems/pdf/ICSA-12-030-01.pdfnvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000