The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

computer vulnerability CVE-2016-9158 CVE-2016-9159

SIMATIC S7: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of SIMATIC S7.
Impacted products: SIMATIC.
Severity: 2/4.
Creation date: 09/12/2016.
Identifiers: CERTFR-2016-AVI-405, CVE-2016-9158, CVE-2016-9159, SSA-731239, VIGILANCE-VUL-21345.

Description of the vulnerability

Several vulnerabilities were announced in SIMATIC S7.

An attacker can send malicious HTTP packets, in order to trigger a denial of service. [severity:2/4; CVE-2016-9158]

An attacker can bypass security features via ISO-TSAP, in order to escalate his privileges. [severity:2/4; CVE-2016-9159]
Complete Vigil@nce bulletin.... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides network vulnerability alerts. The technology watch team tracks security threats targeting the computer system. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The Vigil@nce vulnerability database contains several thousand vulnerabilities.