4 matches found
CVE-2014-4682
The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request...
CVE-2014-4682
CVE-2014-4682 pertains to the WebNavigator server in Siemens SIMATIC WinCC (pre-7.3). Multiple sources describe that the WebNavigator at ports 80/443 could allow unauthenticated remote access to sensitive data via specially crafted HTTP requests, with a CVSSv2 base score of 5.0. The broader Sieme...
KLA10393 LPE & OSI vulnerabilities in Siemens Simatic WinCC
Multiple serious vulnerabilities have been found in Siemens Simatic WinCC. Malicious users can exploit these vulnerabilities to gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. An unsafe encryption key can be exploited remotely via key extraction; 2...
Siemens SIMATIC WinCC Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-14-205-02 Siemens SIMATIC WinCC Vulnerabilities that was published July 24, 2014, on the NCCIC/ICS-CERT web site. Researchers Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai of Positive...