Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in SIMATIC WinCC OA V3.14 and prior (All versions < V3.14-P021). Improper access control to a data point of the affected product could allow an unauthenticated remote user to escalate its privileges in the context of SIMATIC WinCC OA V3.14. This vulnerability could be exploited by an attacker with network access to port 5678/TCP of the SIMATIC WinCC OA V3.14 server. Successful exploitation requires no user privileges and no user interaction. This vulnerability could allow an attacker to compromise integrity and availability of the SIMATIC WinCC OA system. At the time of advisory publication no public exploitation of this vulnerability was known.
CVSS Information
N/A
Vulnerability Type
特权管理不恰当
Vulnerability Title
Siemens SIMATIC WinCC OA 访问控制错误漏洞
Vulnerability Description
Siemens SIMATIC WinCC OA(Open Architecture)是德国西门子(Siemens)公司的一套SCADA系统,也是HMI系列的一个组成部分。该系统主要适用于轨道交通、楼宇自动化和公共电力供应等行业。 Siemens SIMATIC WinCC OA V3.14版本及之前版本中存在访问控制错误漏洞。远程攻击者可利用该漏洞提升权限,影响SIMATIC WinCC OA系统的完整性和可用性。
CVSS Information
N/A
Vulnerability Type
N/A