The vulnerability of the Simatic WinCC software allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability exists in the implementation of the Web Navigator interface in Siemens WinCC, due to the presence of a strictly encrypted user account. Exploiting this vulnerability allows malicious individuals operating remotely to gain access to the system through a specially crafted request...