WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified methods in ActiveX controls.
References
Link | Resource |
---|---|
http://en.securitylab.ru/lab/PT-2012-45 | |
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf | Patch Vendor Advisory |
http://www.us-cert.gov/control_systems/pdf/ICSA-12-256-01.pdf | US Government Resource |
Configurations
Configuration 1 (hide)
|
Information
Published : 2012-09-18 07:55
Updated : 2012-09-19 07:11
NVD link : CVE-2012-3034
Mitre link : CVE-2012-3034
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
siemens
- wincc
- simatic_pcs7