CVE-2018-11454

CVE-2018-11454 affects Siemens SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) across v10–v15 with default installation permissions. The root cause is improper default file permissions (CWE-276) that allow a local attacker with filesystem access to manipulate files that may be transferred to d...

CVE-2018-11453

Siemens SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) are affected by CVE-2018-11453 due to improper default file permissions in the TIA Portal installer. This allows a local attacker with file system access to insert specially crafted files that may prevent startup (Denial-of-Service) or le...

CVE-2018-11454

A vulnerability has been identified in SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V10, V11, V12 All versions, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V13 All versions V13 SP2 Update 2, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V14 All versions V14 SP1 Update 6, SIMATIC STEP 7 TIA...

CVE-2018-11453

A vulnerability has been identified in SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V10, V11, V12 All versions, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V13 All versions V13 SP2 Update 2, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V14 All versions V14 SP1 Update 6, SIMATIC STEP 7 TIA...

ICSA-18-226-01 Siemens SIMATIC STEP 7 and SIMATIC WinCC (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable locally/low skill level to exploit Vendor: Siemens Equipment: SIMATIC STEP 7 TIA Portal and SIMATIC WinCC TIA Portal Vulnerabilities: Incorrect Default Permissions 2. UPDATE INFORMATION This updated advisory is a follow-up to the original...

Siemens OpenSSL Vulnerability in Industrial Products (Update E)

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION : Exploitable remotely Vendor : Siemens Equipment : Industrial Products Vulnerability : Cleartext Transmission of Sensitive Information 2. UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory titled ICSA-18-226-02 Siemens...

CVE-2017-6865

CVE-2017-6865 is a DoS vulnerability in Siemens PROFINET DCP handling affecting multiple Siemens products (WinCC, STEP 7/TIA Portal, PCS 7, WinAC/WinCC flexible, SCT, SINEMA, SINUMERIK, etc.). The root cause is improper input validation, where specially crafted PROFINET DCP broadcast packets on a...

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update G)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Denial of Service UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory...

SIMATIC Manager Step7 5.5 SP1 DLL Hijacking

Exploit Title: SIMATIC Manager Step7 DLL Hijacking Cve : 2012-3015 Author: Ashiyane Digital Security Team Vendor Homepage: siemens.com Version: =5.5 SP1 Tested on:Windows 7 Exploit by : Amir.ght Description: Company Name: SIEMENS AG Product Name: SIEMENS STEP 7/S7TM Programmable Controller...

Siemens SIMATIC STEP 7 (TIA Portal) < 14 Unquoted Service Path Local Privilege Escalation (SSA-701708)

Binary data scadasiemenstiastep7SSA-701708.nbin...

CVE-2016-7959

Siemens SIMATIC STEP 7 TIA Portal before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack...

Information disclosure

Siemens SIMATIC STEP 7 TIA Portal before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to a file and conducting a brute-force attack...

Format string

Siemens SIMATIC STEP 7 TIA Portal before 14 uses an improper format for managing TIA project files during version updates, which makes it easier for local users to obtain sensitive configuration information via unspecified vectors...

CVE-2016-7959

Siemens SIMATIC STEP 7 (TIA Portal) before version 14 stores pre‑shared key data in TIA project files, enabling local attackers with file access to brute‑force and read sensitive information. The vulnerability is described across multiple sources (NVD entry for CVE-2016-7959 and PT Security advis...

Siemens SIMATIC STEP 7 (TIA Portal) Information Disclosure Vulnerabilities

OVERVIEW Siemens has released a new version of SIMATIC STEP 7 TIA Portal to mitigate information disclosure vulnerabilities. These vulnerabilities were reported directly to Siemens by Dmitry Sklyarov and Gleb Gritsai from Positive Technologies. Siemens has produced a new version to mitigate these...

Siemens SIMATIC STEP 7 TIA Portal Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-15-050-01 Siemens SIMATIC STEP 7 TIA Portal Vulnerabilities that was published February 19, 2015, on the NCCIC/ICS-CERT web site. Siemens has identified two vulnerabilities in its SIMATIC STEP 7 TIA Portal. Siemens...

Siemens SIMATIC STEP 7 TIA Portal Vulnerabilities

OVERVIEW Aleksandr Timorin from Positive Technologies has identified authentication vulnerabilities in the Siemens SIMATIC STEP 7 TIA Portal application. Siemens has produced a service pack that mitigates these vulnerabilities. AFFECTED PRODUCTS The following Siemens products are affected: SIMATI...

CVE-2015-1602

Siemens SIMATIC STEP 7 TIA Portal 12 and 13 before 13 SP1 Upd1 improperly stores password data within project files, which makes it easier for local users to determine cleartext 1 protection-level passwords or 2 web-server passwords by leveraging the ability to read these files...

Information disclosure

Siemens SIMATIC STEP 7 TIA Portal 12 and 13 before 13 SP1 Upd1 allows man-in-the-middle attackers to obtain sensitive information or modify transmitted data via unspecified vectors...

Default credentials

Siemens SIMATIC STEP 7 TIA Portal 12 and 13 before 13 SP1 Upd1 improperly stores password data within project files, which makes it easier for local users to determine cleartext 1 protection-level passwords or 2 web-server passwords by leveraging the ability to read these files...