36 matches found
EUVD-2014-4602
Malware in sbrugna...
EUVD-2013-0687
Malware in sbrugna...
EUVD-2012-3008
Malware in sbrugna...
EUVD-2012-3009
Malware in sbrugna...
EUVD-2012-3012
Malware in sbrugna...
CVE-2013-0676
Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query...
WebNavigator Chromium browser published by search hijackers
A mystery Chromium browser recently made a sudden appearance, and is certainly proving popular. But what is it, and where did it come from? Malwarebytes detects the browser as PUP.Optional.WebNavigator, and we found several clues that this browser was brought to you by a notorious family of searc...
The vulnerability of the automated system for managing technological processes, SIMATIC WinCC, allows authorized users to elevate their privileges remotely.
The vulnerability of Siemens SIMATIC WinCC software is related to errors in the code of the WinCC WebNavigator server. Exploiting this vulnerability allows authorized users to remotely escalate their privileges...
Siemens Patches Five Vulnerabilities in SIMATIC WinCC for PCS 7
Siemens has patched five vulnerabilities in its SIMATIC PCS 7 system that could result in privilege escalation and give an attacker unauthenticated access to sensitive data. The flaws technically exist in WinCC, a SCADA supervisory control and data acquisition and HMI human-machine interface syst...
CVE-2014-4682
The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request...
CVE-2014-4683
The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a 1 HTTP or 2 HTTPS request...
Cross site request forgery (csrf)
The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote authenticated users to gain privileges via a 1 HTTP or 2 HTTPS request...
Cross site request forgery (csrf)
The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request...
CVE-2014-4682
The WebNavigator server in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, allows remote attackers to obtain sensitive information via an HTTP request...
CVE-2014-4683
The CVE-2014-4683 issue affects Siemens SIMATIC WinCC WebNavigator: remote authenticated users can escalate privileges via HTTP/HTTPS requests to the WebNavigator server (ports 80/443). Sources describe Prague: Privilege gain through WebNavigator’s access control, with explicit remediation in upd...
CVE-2014-4682
CVE-2014-4682 pertains to the WebNavigator server in Siemens SIMATIC WinCC (pre-7.3). Multiple sources describe that the WebNavigator at ports 80/443 could allow unauthenticated remote access to sensitive data via specially crafted HTTP requests, with a CVSSv2 base score of 5.0. The broader Sieme...
CVE-2013-0678
Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated users to obtain sensitive information via a SQL query...
CVE-2013-0676
Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query...
Information disclosure
Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query...
Information disclosure
Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated users to obtain sensitive information via a SQL query...