Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2012-3020
siemens
synco
ozw
web server
firmware
default password
remote access
security vulnerability
cve-2012-3020
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7 High
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.6%
The Siemens Synco OZW Web Server devices OZW672., OZW772., and OZW775 with firmware before 4 have an unspecified default password, which makes it easier for remote attackers to obtain administrative access via a network session.
Affected configurations
Node
siemenssynco_ozw_web_serverMatchozw672.01
ORsiemenssynco_ozw_web_serverMatchozw672.04
ORsiemenssynco_ozw_web_serverMatchozw672.16
ORsiemenssynco_ozw_web_serverMatchozw772.01
ORsiemenssynco_ozw_web_serverMatchozw772.04
ORsiemenssynco_ozw_web_serverMatchozw772.16
ORsiemenssynco_ozw_web_serverMatchozw772.250
ORsiemenssynco_ozw_web_serverMatchozw775
siemenssynco_ozw_web_server_firmwareRange≤3.0
Related
ics
ics
Siemens Synco OZW Default Password
2013-05-08 12:00:00
nvd
nvd
CVE-2012-3020
2012-08-06 16:55:04
prion
prion
Default credentials
2012-08-06 16:55:00
cvelist
cvelist
CVE-2012-3020
2022-10-03 16:15:23
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7 High
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.6%
Related for CVE-2012-3020