Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2012-3015
cve-2012-3015
siemens simatic step7
untrusted search path
vulnerability
privilege escalation
nvd
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
6.7 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
20.7%
Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder.
Affected configurations
Node
siemenssimatic_pcs7Range≤7.1sp3
ORsiemenssimatic_step_7Range≤5.5
| CPE | Name | Operator | Version |
|---|---|---|---|
| siemens:simatic_pcs7 | siemens simatic pcs7 | le | 7.1 |
| siemens:simatic_step_7 | siemens simatic step 7 | le | 5.5 |
References
Social References
More
Related
prion
prion
Design/Logic Flaw
2012-07-26 10:41:00
nvd
nvd
CVE-2012-3015
2012-07-26 10:41:47
cvelist
cvelist
CVE-2012-3015
2022-10-03 16:15:23
ics
ics
Siemens SIMATIC STEP 7 DLL Vulnerability
2013-05-08 12:00:00
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
6.7 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
20.7%
Related for CVE-2012-3015