CVE-2013-3957 – most dangers one. Simple SQL Injection because some configuration and architectural issues an attacker can execute arbitrary code in context of SQL server. This vulnerability can be exploited not only via WebNavigator (e.g. HTTP), but via WinCC Runtime Client (e.g. OPC). So Cisco Applied Mitigation Bulletin 29768 should be fixed to filter OPC traffic also.
CVE-2013-3958 and CVE-2013-3959 is funny stuff because… Because
Alexander Tlyapov, Sergey Gordeychik and Timur Yunusov.
Thanks to Siemens Product CERT for collaboration and fixes.
Special thanks to Dec for the slide 44