3 matches found
CVE-2012-4693
Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Pssecurity.ini, which makes it easier for local users to discover passwords by reading this file...
CVE-2012-4693
CVE-2012-4693 affects Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite, which store passwords in Ps_security.ini using a weak, reversible encryption. The vulnerability allows a local attacker with read access to Ps_security.ini to decrypt usernames and passwords and potent...
Siemens ProcessSuite and Invensys Intouch Poorly Encrypted Password File
Overview This advisory provides mitigation details for a vulnerability that impacts Siemens ProcessSuite and Invensys Wonderware InTouch products. Researcher Seth Bromberger of NCI Security, LLC and independent researcher Slade Griffin have identified an insecure password storage vulnerability in...