Privilege Escalation Vulnerability in SIMATIC WinCC by Siemens

CVE-2014-4683

Summary

The WebNavigator server in Siemens SIMATIC WinCC versions prior to 7.3 is susceptible to a privilege escalation vulnerability. This issue allows remote authenticated users to elevate their access rights through crafted HTTP or HTTPS requests. This vulnerability can lead to unauthorized access and manipulation of the system, impacting its integrity and availability. Organizations using affected versions of SIMATIC WinCC should prioritize remediation to mitigate potential risks.

References