Sensitive Information Disclosure in Siemens SIMATIC WinCC Products
CVE-2014-4682

Currently unrated

Key Information:

Vendor: Siemens
Status: Wincc; Simatic Pcs7
Vendor: CVE Published:; 24 July 2014

Summary

The WebNavigator server in Siemens SIMATIC WinCC prior to version 7.3 is susceptible to a vulnerability that enables remote attackers to exploit HTTP requests to gain unauthorized access to sensitive information. This could potentially facilitate further attacks against the infrastructure employing these systems, highlighting the importance of timely updates and comprehensive security measures.

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jul 24, 2014
Vulnerability Reserved
Jun 28, 2014