Hardcoded Encryption Key Vulnerability in Siemens SIMATIC WinCC
CVE-2014-4686

Currently unrated

Key Information:

Vendor: Siemens
Status: Wincc; Simatic Pcs7
Vendor: CVE Published:; 24 July 2014

What is CVE-2014-4686?

The Project administration application in Siemens SIMATIC WinCC prior to version 7.3 contains a vulnerability due to a hardcoded encryption key. This flaw can be exploited by remote attackers who extract the key from another product installation. By utilizing this key, attackers can eavesdrop on sensitive network traffic transmitted over TCP port 1030, potentially leading to unauthorized access to confidential information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jul 24, 2014
Vulnerability Reserved
Jun 28, 2014

JSON

Siemens

What is CVE-2014-4686?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.