Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The remote-management module in the (1) Multi Panels, (2) Comfort Panels, and (3) RT Advanced functionality in Siemens SIMATIC WinCC (TIA Portal) before 13 SP1 and in the (4) panels and (5) runtime functionality in SIMATIC WinCC flexible before 2008 SP3 Up7 does not properly encrypt credentials in transit, which makes it easier for remote attackers to determine cleartext credentials by sniffing the network and conducting a decryption attack.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Siemens SIMATIC WinCC remote-management模块加密问题漏洞
Vulnerability Description
Siemens SIMATIC WinCC是德国西门子(Siemens)公司的一套自动化的数据采集与监控(SCADA)系统。该系统提供过程监视、数据采集等功能。 Siemens SIMATIC WinCC 13.0及之前版本的Multi Panels、Comfort Panels和RT Advanced功能中的remote-management模块中存在安全漏洞,该漏洞源于程序没有正确加密传输中的证书。远程攻击者可通过嗅探网络并实施解密攻击利用该漏洞获取明文证书。
CVSS Information
N/A
Vulnerability Type
N/A