Information disclosure

2015-08-0301:59:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

40.5%

JSON

The Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite applications before 01.00.01.00 for Android do not properly store passwords, which allows physically proximate attackers to obtain sensitive information via unspecified vectors.

CPENameOperatorVersion
simatic_wincc_sm\\@rtclientle1.0
simatic_wincc_sm\\@rtclient_litele1.0

CPE	Name	Operator	Version
	simatic_wincc_sm\\@rtclient	le	1.0
	simatic_wincc_sm\\@rtclient_lite	le	1.0

References

www.securityfocus.com/bid/75981

www.securitytracker.com/id/1033021

ics-cert.us-cert.gov/advisories/ICSA-15-202-02

www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-267489.pdf