CVE-2011-4515

Currently unrated

Key Information:

Vendor: Siemens
Status: Wincc Tia Portal
Vendor: CVE Published:; 21 March 2013

Summary

Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive information by leveraging (1) physical access or (2) Sm@rt Server access.

References

http://ics-cert.us-cert.gov/pdf/ICSA-13-079-03.pdf

x_refsource_MISC

http://www.siemens.com/corporate-technology/pool/de/forsc...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 21, 2013