The vulnerability of the Simatic PCS 7 software allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability exists in the implementation of the Web Navigator interface in Siemens WinCC, due to the presence of a strictly encrypted user account. Exploiting this vulnerability allows malicious actors, operating remotely, to gain access to the system through a specially crafted request...