Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in SIMATIC PCS neo (Administration Console) V4.0 (All versions), SIMATIC PCS neo (Administration Console) V4.0 Update 1 (All versions). The affected application leaks Windows admin credentials. An attacker with local access to the Administration Console could get the credentials, and impersonate the admin user, thereby gaining admin access to other Windows systems.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
文件和路径信息暴露
Vulnerability Title
Siemens SIMATIC 安全漏洞
Vulnerability Description
Siemens SIMATIC是德国西门子(Siemens)公司的一款组态软件。 Siemens SIMATIC PCS neo存在安全漏洞,该漏洞源于存在Windows管理员凭据泄露问题,导致攻击者可以模拟管理员用户,获得对其他Windows系统的访问权限。受影响的产品和版本:SIMATIC PCS neo V4.0所有版本,V4.0 Update 1所有版本。
CVSS Information
N/A
Vulnerability Type
N/A