Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 improperly stores password data within project files, which makes it easier for local users to determine cleartext (1) protection-level passwords or (2) web-server passwords by leveraging the ability to read these files.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Siemens SIMATIC STEP 7(TIA Portal)信息泄露漏洞
Vulnerability Description
Siemens SIMATIC STEP 7(TIA Portal)是德国西门子(Siemens)公司的一套用于SIMATIC控制器的编程软件。该软件提供PLC编程、设计选件包和先进的驱动器技术等。 Siemens SIMATIC STEP 7 (TIA Portal) 12版本和13 sp1及之前版本中存在安全漏洞,该漏洞源于程序不正确地在项目文件中存储密码数据。本地攻击者可通过读取文件利用该漏洞确定明文的protection-level或web-server密码。
CVSS Information
N/A
Vulnerability Type
N/A