3 matches found
CVE-2014-4683
The CVE-2014-4683 issue affects Siemens SIMATIC WinCC WebNavigator: remote authenticated users can escalate privileges via HTTP/HTTPS requests to the WebNavigator server (ports 80/443). Sources describe Prague: Privilege gain through WebNavigator’s access control, with explicit remediation in upd...
KLA10393 LPE & OSI vulnerabilities in Siemens Simatic WinCC
Multiple serious vulnerabilities have been found in Siemens Simatic WinCC. Malicious users can exploit these vulnerabilities to gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. An unsafe encryption key can be exploited remotely via key extraction; 2...
Siemens SIMATIC WinCC Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-14-205-02 Siemens SIMATIC WinCC Vulnerabilities that was published July 24, 2014, on the NCCIC/ICS-CERT web site. Researchers Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai of Positive...