Kaspersky LabKLA10534KLA10534 Sensitive information obtain vulnerabilities in Siemens SIMATIC STEP
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
49.2%
Improper password store and other uncnown vulnerability were found in SIMATIC STEP 7. By exploiting these vulnerabilities malicious users can obtain sensitive information. These vulnerabilities can be exploited remotely via an unknown vectors.
Original advisories
Related products
CVE list
CVE-2015-1602 warning
CVE-2015-1601 high
Solution
Install updates
Impacts
- OSI
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Affected Products
- Siemens SIMATIC STEP 7 12 all versionsSiemens SIMATIC STEP 7 13 versions earlier thanΒ 13 SP1 Upd1
Related
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.7 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
49.2%