Improper File Management Vulnerability in Siemens SIMATIC STEP 7 (TIA Portal)
CVE-2016-7960

2.5LOW

Key Information:

Vendor

Siemens
Status
Simatic Step 7
Vendor
CVE Published:
13 October 2016

What is CVE-2016-7960?

Siemens SIMATIC STEP 7 (TIA Portal) prior to version 14 suffers from a vulnerability due to improper management of project files during version updates. This flaw allows local users to exploit unspecified vectors to gain access to sensitive configuration information, potentially compromising the integrity of the system and its data. The issue emphasizes the importance of secure software practices and user permissions in critical infrastructure environments.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://ics-cert.us-cert.gov/advisories/ICSA-16-287-03
x_refsource_MISC
http://www.securityfocus.com/bid/93551
vdb-entryx_refsource_BID
http://www.siemens.com/cert/pool/cert/siemens_security_ad...
x_refsource_CONFIRM

CVSS V3.1

Score:
2.5
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.