ID CVE-2011-4515
Type cve
Modified 2013-05-31T04:00:00


Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive information by leveraging (1) physical access or (2) Sm@rt Server access. Per

INSECURE PASWORD STORAGE User credentials for the HMI’s Web application are stored within the HMI’s system. These data are obfuscated in a reversible way and arereadable and writable for users with physical access or Sm@rt Server access to the system.