Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All Versions < V15.1). Password hashes with insufficient computational effort could allow an attacker to access to a project file and reconstruct passwords. The vulnerability could be exploited by an attacker with local access to the project file. No user interaction is required to exploit the vulnerability. The vulnerability could allow the attacker to obtain certain passwords from the project. At the time of advisory publication no public exploitation of this vulnerability was known.
CVSS Information
N/A
Vulnerability Type
使用具有不充分计算复杂性的口令哈希
Vulnerability Title
Siemens SIMATIC STEP 7 安全漏洞
Vulnerability Description
Siemens SIMATIC STEP 7(TIA Portal)是德国西门子(Siemens)公司的一套用于SIMATIC控制器的编程软件。该软件提供PLC编程、设计选件包和先进的驱动器技术等。 Siemens SIMATIC STEP 7(TIA Portal)15.1之前版本中存在安全漏洞,该漏洞源于程序没有保护存储的密码。攻击者可利用该漏洞访问项目文件并重新构建密码。
CVSS Information
N/A
Vulnerability Type
N/A