Уязвимости Угрозы

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA10393
LPE & OSI vulnerabilities in Siemens Simatic WinCC

Обновлено: 03/06/2020
Дата обнаружения
 23/07/2014
Уровень угрозы
 High
Описание

Multiple serious vulnerabilities have been found in Siemens Simatic WinCC. Malicious users can exploit these vulnerabilities to gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities

  1. An unsafe encryption key can be exploited remotely via key extraction;
  2. Weak system-object access control can be exploited locally;
  3. Vectors related to the WebNavigator server and other unspecified vectors can be exploited via specially designed requests.
Пораженные продукты

Siemens Simatic WinCC versions earlier than 7.3
Решение

Update to latest version
Первичный источник обнаружения
 Siemens bulletin
Оказываемое влияние
?
OSI 
[?]

PE 
[?]
Связанные продукты
 WinCC flexible
CVE-IDS
CVE-2014-46854.6Warning
CVE-2014-46825.0Critical
CVE-2014-46834.9Warning
CVE-2014-46846.0High
CVE-2014-46866.8High
Узнай статистику распространения уязвимостей в твоем регионе
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up