Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions < V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 6), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15 (All versions < V15 Update 2). Improper file permissions in the default installation of TIA Portal may allow an attacker with local file system access to manipulate resources which may be transferred to devices and executed there by a different user. No special privileges are required, but the victim needs to transfer the manipulated files to a device. Execution is caused on the target device rather than on the PG device.
CVSS Information
N/A
Vulnerability Type
缺省权限不正确
Vulnerability Title
Siemens SIMATIC STEP 7和WinCC 安全漏洞
Vulnerability Description
Siemens SIMATIC STEP 7(TIA Portal)和WinCC(TIA Portal)都是德国西门子(Siemens)公司的产品。Siemens SIMATIC STEP 7(TIA Portal)是一套用于SIMATIC控制器的编程软件。该软件提供PLC编程、设计选件包和先进的驱动器技术等。WinCC(TIA Portal)是一套自动化的数据采集与监控(SCADA)系统。该系统提供过程监视、数据采集等功能。 Siemens SIMATIC STEP 7(TIA Portal)和WinC
CVSS Information
N/A
Vulnerability Type
N/A