Untrusted Search Path Vulnerability in Siemens SIMATIC STEP7 Software
CVE-2012-3015

Currently unrated

Key Information:

Vendor

Siemens
Status
Simatic Pcs7
Simatic Step 7
Vendor
CVE Published:
26 July 2012

What is CVE-2012-3015?

A significant vulnerability in Siemens SIMATIC STEP7, prior to version 5.5 SP1, allows local users to gain elevated privileges. This flaw occurs due to an untrusted search path that could be exploited through the introduction of a malicious DLL within a STEP7 project directory. As a result, this vulnerability poses a risk not only to the integrity of the software but also potentially to the larger control systems utilizing it, enabling unauthorized actions and access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.us-cert.gov/control_systems/pdf/ICSA-12-205-02...
x_refsource_MISC
http://www.siemens.com/corporate-technology/pool/de/forsc...
x_refsource_CONFIRM

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.