EUVD-2020-30175

Malware in sbrugna...

CVE-2020-9352

An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a POST request to /tools/developerConsoleOperations.jsp with a valid payload in the transaction parameter. NOTE: the documentation states "These tools are, by...

CVE-2020-9351

An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request to /tools/developerConsoleOperations.jsp or /isomorphic/IDACall with malformed XML data in the transaction parameter, the server replies with a verbose error showing where the application resides the...

CVE-2020-9354

An issue was discovered in SmartClient 12.0. The Remote Procedure Call RPC saveFile provided by the console functionality on the /tools/developerConsoleOperations.jsp or /isomorphic/IDACall URL allows an unauthenticated attacker to overwrite files via vectors involving an XML comment and /.. path...

Siemens SIMATIC WinCC Sm@rtClient app Information Disclosure Vulnerability

Siemens SIMATIC WinCC is the monitoring control and data acquisition SCADA and HMI system. An information disclosure vulnerability exists in Siemens SIMATIC WinCC Sm@rtClient app versions prior to 1.0.2, which allows an attacker to discover Sm@rtServer credentials by exploiting an error in the...