{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Siemens SIMATIC STEP7 versions inf\u00e9rieures \u00e0 V5.5 SP1 ;","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}},{"description":"Siemens SIMATIC PCS7 versions V7.1 SP3 et inf\u00e9rieures.","product":{"name":"N/A","vendor":{"name":"Siemens","scada":true}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2012-3015","url":"https://www.cve.org/CVERecord?id=CVE-2012-3015"}],"links":[],"reference":"CERTA-2012-AVI-402","revisions":[{"description":"version initiale.","revision_date":"2012-07-25T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"Des vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits <span\nclass=\"textit\">Siemens</span> <span class=\"textit\">SIMATIC STEP7</span>\net <span class=\"textit\">SIMATIC PCS7</span>. Elle sont dues \u00e0 des\nv\u00e9rifications effectu\u00e9es de fa\u00e7on incompl\u00e8te lors du chargement de\nbiblioth\u00e8ques partag\u00e9es (DLL) et permettent \u00e0 un attaquant d'ex\u00e9cuter du\ncode arbitraire \u00e0 distance.\n","title":"Vuln\u00e9rabilit\u00e9s dans Siemens SIMATIC STEP et PCS","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Siemens SSA-110665 du 23 juillet 2012","url":"http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-110665.pdf"}]}