EUVD-2016-6679

Malware in sbrugna...

EUVD-2018-5748

Malware in sbrugna...

EUVD-2013-3890

Malware in sbrugna...

EUVD-2019-2632

Malware in sbrugna...

EUVD-2021-27538

Malicious code in bioql PyPI...

CVE-2013-0676

Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query...

CVE-2013-3959

The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, exhibits different behavior for NetBIOS user names depending on whether the user account exists, which allows remote authenticated users to enumerate account names via crafted U...

Siemens SIMATIC 安全漏洞

SIMATIC PCS 7 is a process control system.SIMATIC WinCC is an automated data acquisition and monitoring SCADA system.SIMATIC WinCC Runtime Professional is used for operator visualization of the runtime platform for the control and monitoring of machines and equipment. A denial of service...

The vulnerability of SIMATIC NET PC Software, WinCC, and SINAUT Software lies in the use of outdated functions, which allow an intruder to gain unauthorized access to encrypted data.

The vulnerabilities of SIMATIC NET PC Software, WinCC, and SINAUT Software are related to the use of outdated functions. Exploiting these vulnerabilities can allow an intruder, operating remotely, to gain unauthorized access to encrypted data...

CVE-2021-40363

A vulnerability has been identified in SIMATIC PCS 7 V8.2 All versions, SIMATIC PCS 7 V9.0 All versions, SIMATIC PCS 7 V9.1 All versions V9.1 SP1, SIMATIC WinCC V15 and earlier All versions V15 SP1 Update 7, SIMATIC WinCC V16 All versions V16 Update 5, SIMATIC WinCC V17 All versions V17 Update 2,...

The vulnerability of the Simatic WinCC software allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The implementation of SQL code on the Web Navigator system’s input screen allows malicious actors operating remotely to execute arbitrary SQL commands...

The vulnerability of the automated system for managing technological processes of SIMATIC WinCC allows a remote attacker to elevate their privileges.

Siemens SIMATIC WinCC software vulnerabilities, related to a tightly encrypted encryption key. Exploiting this vulnerability allows a malicious individual to elevate their privileges in the WinCC Project Administration application, provided that the data transmitted by the authorized user over th...

PT-2013-44: Forced browsing in Siemens WinCC and SIMATIC PCS 7

The specialists of the Positive Research center have detected a vulnerability, which can be used to gain access to usernames in Siemens WinCC and SIMATIC PCS 7. The WinCC Web Navigator 7.2 allows a user with authenticated access to probe for valid NetBIOS user names by manipulating URL parameters...

PT-2014-13: Privilege Gaining in Siemens SIMATIC WinCC

The specialists of the Positive Research center have detected a Privilege Gaining vulnerability in SIMATIC WinCC. Existing access control of the WinCC WebNavigator server at port 80/tcp and port 443/tcp could allow remote authenticated users to escalate their privileges in WinCC. How to fix Updat...