Lucene search

[email protected]CVE-2010-2772

HistoryJul 22, 2010 - 5:43 a.m.

CVE-2010-2772

2010-07-2205:43:00

CWE-798

[email protected]

web.nvd.nist.gov

185

In Wild

siemens

simatic

wincc

pcs 7

scada

hard-coded password

vulnerability

back-end database

stuxnet

cve-2010-2772

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

38.7%

JSON

Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568.

CPENameOperatorVersion
siemens:simatic_winccsiemens simatic wincceq6.2
siemens:simatic_winccsiemens simatic wincceq7.0
siemens:simatic_pcs_7siemens simatic pcs 7eq7.1
siemens:simatic_pcs_7siemens simatic pcs 7eq6.0
siemens:simatic_pcs_7siemens simatic pcs 7eq6.1
siemens:simatic_pcs_7siemens simatic pcs 7eq7.0

CPE	Name	Operator	Version
siemens:simatic_wincc	siemens simatic wincc	eq	6.2
siemens:simatic_wincc	siemens simatic wincc	eq	7.0
siemens:simatic_pcs_7	siemens simatic pcs 7	eq	7.1
siemens:simatic_pcs_7	siemens simatic pcs 7	eq	6.0
siemens:simatic_pcs_7	siemens simatic pcs 7	eq	6.1
siemens:simatic_pcs_7	siemens simatic pcs 7	eq	7.0

References

ics-cert.us-cert.gov/advisories/ICSA-12-205-01

infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725

infoworld.com/d/security-central/siemens-warns-users-dont-change-passwords-after-worm-attack-915?sourcefssr

krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/

secunia.com/advisories/40682

support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=viewhttp://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&c

www.automation.siemens.com/forum/guests/PostShow.aspx?PostID=16127&16127&Language=en&PageIndex=1

www.f-secure.com/weblog/archives/00001987.html

www.sea.siemens.com/us/News/Industrial/Pages/WinCC_Update.aspx

www.securityfocus.com/bid/41753

www.vupen.com/english/advisories/2010/1893

www.wilderssecurity.com/showpost.php?p=1712134&postcount=22

www.wired.com/threatlevel/2010/07/siemens-scada/

exchange.xforce.ibmcloud.com/vulnerabilities/60587