Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder.
References
Link | Resource |
---|---|
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-110665.pdf | Vendor Advisory |
http://www.us-cert.gov/control_systems/pdf/ICSA-12-205-02.pdf | US Government Resource |
Configurations
Configuration 1 (hide)
|
Information
Published : 2012-07-26 03:41
Updated : 2012-07-29 21:00
NVD link : CVE-2012-3015
Mitre link : CVE-2012-3015
JSON object : View
CWE
Products Affected
siemens
- simatic_pcs7
- simatic_step_7