CVE-2010-2772
published 2010-07-22CVE-2010-2772: Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
ITW
Exploited in the wild
Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_server_2008 | — | — |
| siemens | simatic_pcs_7 | — | — |
| siemens | simatic_pcs_7 | — | — |
| siemens | simatic_pcs_7 | — | — |
| siemens | simatic_pcs_7 | — | — |
| siemens | simatic_wincc | — | — |
| siemens | simatic_wincc | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vulncheck7.8HIGH