Lucene search
K

3867 matches found

ICS
ICS
added 2011/09/24 6:0 a.m.66 views

Siemens Simatic HMI Authentication Vulnerabilities

Overview ICS-CERT is aware of a public report by independent security researchers Billy Rios and Terry McCorkle concerning authentication bypass vulnerabilities affecting Siemens SIMATIC HMI products which are supervisory control and data acquisition/human-machine interface SCADA/HMI products...

10CVSS7.8AI score0.03119EPSS
Exploits0References10
ICS
ICS
added 2011/06/10 12:0 a.m.5 views

Siemens SIMATIC S7-1200 CPU V1/V2 Devices

SUMMARY SIMATIC S7-1200 CPU V1/V2 controllers contain two vulnerabilities that could allow an unauthenticated remote attacker - to trigger functions by record and playback of legitimate network communication, or - to place the controller in stop/defect state by causing a communications error...

7.2AI score
Exploits0References10
ThreatPost
ThreatPost
added 2011/05/23 4:53 p.m.12 views

Metasploit Holding On Siemens Exploits

UPDATE: A week after a security researcher decided to cancel a technical discussion of security holes in industrial control software from Siemens, Inc., public exploits for the vulnerabilities are on hold while the company works to shore up systems running its Simatic programmable logic controlle...

7.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2011/05/19 4:12 p.m.10 views

SCADA Holes Allowed Remote Takedown of Siemens Systems

Security researcher Dillon Beresford decided not to present a talk at the TakedownCon in Dallas on Thursday, citing concerns about mayhem that could have resulted. But in an e-mail, he told Threatpost that the vulnerabilities could allow remote attackers to start or stop Siemens Programmable Logi...

0.5AI score
Exploits0References5
CVE
CVE
added 2010/07/22 10:0 a.m.389 views

CVE-2010-2772

CVE-2010-2772 affects Siemens SIMATIC WinCC and SIMATIC PCS 7: a security bypass via default hard-coded SQL credentials allows remote attackers to access the backend database with administrative-like access. The vulnerability is tied to use of default credentials in the WinCC SQL server, permitti...

7.8CVSS7.2AI score0.0055EPSS
In wildExploits2References14Affected Software1
ATTACKERKB
ATTACKERKB
added 2010/07/22 12:0 a.m.60 views

CVE-2010-2772

Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568. Recent assessments: Assessed Attacker...

9.3CVSS5.5AI score0.91324EPSS
In wildExploits15References15
Tenable Nessus
Tenable Nessus
added 2006/12/11 12:0 a.m.15 views

Siemens SIMATIC PDM Detection

Binary data scadaappsiemenspdmdetect.nbin...

7.3AI score
Exploits0
Rows per page
Query Builder