PT-2020-20605 · Isomorphic · Smartclient

Name of the Vulnerable Software and Affected Versions: SmartClient version 12.0 Description: An issue was discovered in SmartClient where an unauthenticated attacker can make a POST request to "/tools/developerConsoleOperations.jsp" or "/isomorphic/IDACall" with malformed XML data in the...

CVE-2020-9352

An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a POST request to /tools/developerConsoleOperations.jsp with a valid payload in the transaction parameter. NOTE: the documentation states "These tools are, by...

CVE-2020-9352

An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a POST request to /tools/developerConsoleOperations.jsp with a valid payload in the transaction parameter. NOTE: the documentation states "These tools are, by...

CVE-2020-9353

An issue was discovered in SmartClient 12.0. The Remote Procedure Call RPC loadFile provided by the console functionality on the /tools/developerConsoleOperations.jsp or /isomorphic/IDACall URL is affected by unauthenticated Local File Inclusion via directory-traversal sequences in the elem XML...

PT-2020-20607 · Isomorphic · Smartclient

Name of the Vulnerable Software and Affected Versions: SmartClient version 12.0 Description: An issue was discovered in the Remote Procedure Call RPC loadFile provided by the console functionality. The issue affects the /tools/developerConsoleOperations.jsp or /isomorphic/IDACall URL, where...

CVE-2020-9353

SmartClient 12.0 contains an unauthenticated Local File Inclusion in the RPC loadFile console tool, exposed at /tools/developerConsoleOperations.jsp (or /isomorphic/IDACall). The vulnerability arises from directory-traversal patterns in the elem XML element within the _transaction parameter, allo...

CVE-2020-9352

SmartClient 12.0 is affected by an unauthenticated blind XML External Entity (XXE) in the downloadWSDL feature. An attacker can trigger the vulnerability by sending a POST to /tools/developerConsoleOperations.jsp with a valid payload in the _transaction parameter. The issue is documented across m...

CVE-2020-9351

An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request to /tools/developerConsoleOperations.jsp or /isomorphic/IDACall with malformed XML data in the transaction parameter, the server replies with a verbose error showing where the application resides the...

PT-2020-20606 · Isomorphic · Smartclient

Name of the Vulnerable Software and Affected Versions: SmartClient version 12.0 Description: An issue was discovered in the downloadWSDL feature, allowing unauthenticated exploitation of blind XXE. This can occur by sending a POST request to the "/tools/developerConsoleOperations.jsp" endpoint wi...

CVE-2020-9351

Summary of vulnerability (CVE-2020-9351) : In SmartClient 12.0, an unauthenticated attacker can send a POST to /tools/developerConsoleOperations.jsp or /isomorphic/IDACall with malformed XML in the _transaction parameter, causing the server to return a verbose error that reveals the absolute path...

Siemens Patches Authentication Bypass Flaw in SiPass Server

A handful of vulnerabilities in Siemens’ SiPass integrated server have been patched, including one that allows an attacker to bypass authentication on the box. SiPass is the company’s integrated access control server managing physical access in a number of industries and use cases. The product...

Siemens SIMATIC WinCC Sm@rtClient for Android Man-in-the-Middle Attack Vulnerability

Siemens SIMATIC WinCC Sm@rtClient for Android is a client program on Android systems.Siemens SIMATIC is an automation software with a single engineering environment. A man-in-the-middle attack vulnerability exists in Siemens SIMATIC WinCC Sm@rtClient for Android, where an existing implementation ...

SQL Injection Vulnerability in SmartClient.asmx?op Page of Xinwei Software E-learning System

E-learning management system is an online learning platform of Shenzhen Xinwei Software Co. A SQL injection vulnerability exists in the SmartClient.asmx?op page of Xinwei Software's E-learning system. An attacker can exploit the vulnerability to obtain sensitive information from the website...

CVE-2015-5084

The CVE-2015-5084 issue affects Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite for Android prior to 01.00.01.00. The root cause is improper storage of Sm@rtServer passwords, enabling a locally proximate attacker to retrieve sensitive credentials via unspecified vectors. Impact is credenti...

Siemens SIMATIC WinCC Sm@rtClient app Information Disclosure Vulnerability

Siemens SIMATIC WinCC is the monitoring control and data acquisition SCADA and HMI system. An information disclosure vulnerability exists in Siemens SIMATIC WinCC Sm@rtClient app versions prior to 1.0.2, which allows an attacker to discover Sm@rtServer credentials by exploiting an error in the...

Design/Logic Flaw

The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows physically proximate attackers to extract the password from storage via unspecified vectors...

CVE-2014-5231

The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows physically proximate attackers to extract the password from storage via unspecified vectors...

NewV SmartClient ActiveX multiple security vulnerabilities

Buffer overflows, files access, code execution...

NewvCommon.ocx ActiveX Insecure Method Vulnerability

NewvCommon.ocx ActiveX Insecure Method Vulnerability ======== Vulnerable:All Version Vendor:www.newv.com.cn Details: ======== A Insecure method vulnerability has been found in NewV SmartClient. The specific flaw exists within the DelFile method of the Newv ActiveX control NewvCommon.ocx. The...

NewvCommon.ocx ActiveX Remote Code Execution Vulnerability

NewvCommon.ocx ActiveX Remote Code Execution Vulnerability ======== Vulnerable:All Version Vendor:www.newv.com.cn Details: ======== A remote buffer overflow vulnerability has been found in NewV SmartClient. The specific flaw exists within the WriteTextFile method of the Newv ActiveX control...