Unrated severityNVD Advisory· Published Mar 21, 2013· Updated Apr 29, 2026

CVE-2013-0670

Description

CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

Affected products

Siemens Foundation/Wincc Tia Portal
cpe:2.3:a:siemens:wincc_tia_portal:11.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdfnvdVendor Advisory
ics-cert.us-cert.gov/pdf/ICSA-13-079-03.pdfnvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000