Weak Hash Algorithm Vulnerability in Siemens SIMATIC WinCC OA Software
CVE-2014-1696

Currently unrated

Key Information:

Vendor: Siemens
Status: Simatic Wincc Open Architecture
Vendor: CVE Published:; 7 February 2014

What is CVE-2014-1696?

Siemens SIMATIC WinCC OA prior to version 3.12 P002 January is susceptible to a security flaw due to the use of a weak hash algorithm for password storage. This vulnerability allows remote attackers to exploit the system by performing brute-force attacks to gain unauthorized access. Users are advised to upgrade to the latest version to mitigate this risk and ensure the integrity of their security measures.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/90934

vdb-entryx_refsource_XF

http://osvdb.org/102809

vdb-entryx_refsource_OSVDB

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 7, 2014
Vulnerability Reserved
Jan 29, 2014