{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T09:43:40.578","vulnerabilities":[{"cve":{"id":"CVE-2016-9160","sourceIdentifier":"productcert@siemens.com","published":"2016-12-17T03:59:00.263","lastModified":"2025-04-12T10:46:40.837","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions."},{"lang":"es","value":"Una vulnerabilidad en SIEMENS SIMATIC WinCC (Todas las versions < SIMATIC WinCC V7.2) y SIEMENS SIMATIC PCS 7 (Todas las versiones < SIMATIC PCS 7 V8.0 SP1) podría permitir a un atacante remoto bloquear un componente ActiveX o filtrar partes de la memoria de aplicación si un usuario es engañado para hacer clic en un enlace malicioso bajo ciertas condiciones."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:P","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-111"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-254"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*","versionEndIncluding":"8.0","matchCriteriaId":"78F045C4-8DC2-4FA8-833D-B430EA26F2A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*","versionEndIncluding":"7.1","matchCriteriaId":"71370ADD-85DC-407A-99F3-8F5386EBFBCE"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/94825","source":"productcert@siemens.com"},{"url":"http://www.securitytracker.com/id/1037435","source":"productcert@siemens.com"},{"url":"http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf","source":"productcert@siemens.com"},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-16-348-04","source":"productcert@siemens.com"},{"url":"http://www.securityfocus.com/bid/94825","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securitytracker.com/id/1037435","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://ics-cert.us-cert.gov/advisories/ICSA-16-348-04","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}