Unrated severityNVD Advisory· Published Aug 1, 2013· Updated Jun 16, 2026
CVE-2013-4911
CVE-2013-4911
Description
Cross-site request forgery (CSRF) vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to hijack the authentication of unspecified victims by leveraging improper configuration of SIMATIC HMI panels by the WinCC product.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:siemens:wincc:11.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:siemens:wincc:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:wincc:11.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:siemens:wincc:11.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:siemens:wincc:12.0:*:*:*:*:*:*:*
- Range: 11, 12 (<12 SP1)
Patches
Vulnerability mechanics
References
7- www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-064884.pdfnvdVendor Advisory
- scadastrangelove.blogspot.com/2013/08/ssa-064884-wincctia-portal-fixes.htmlnvd
- secunia.com/advisories/54051nvd
- secunia.com/advisories/54252nvd
- www.securityfocus.com/bid/61536nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/86099nvd
- ics-cert.us-cert.gov/advisories/ICSA-13-213-02nvd
News mentions
0No linked articles in our index yet.