Database Privilege Misconfiguration in Siemens WinCC and SIMATIC PCS7
CVE-2013-0676

Currently unrated

Key Information:

Vendor

Siemens
Status
Simatic Pcs7
Wincc
Vendor
CVE Published:
21 March 2013

What is CVE-2013-0676?

A misconfiguration in Siemens WinCC, as utilized in SIMATIC PCS7, allows remote authenticated users to execute SQL queries against a database containing WebNavigator credentials. This misconfiguration potentially exposes sensitive information due to insufficient privilege assignment, posing a risk of unauthorized data access. Users and administrators must ensure proper configurations to protect against this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.siemens.com/corporate-technology/pool/de/forsc...
x_refsource_CONFIRM
http://ics-cert.us-cert.gov/pdf/ICSA-13-079-02.pdf
x_refsource_MISC

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.