CVE-2013-3958Siemens Simatic Pcs7 vulnerability

CWE-2553 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.4%
top 37.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Siemens Simatic Pcs7Siemens Wincc
Timeline
PublishedJun 14
Latest updateMay 17

Description

The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, has a hardcoded account, which makes it easier for remote attackers to obtain access via an unspecified request.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDsiemens/wincc7.2+2

🔴Vulnerability Details

2
GHSA
GHSA-5vff-97qq-6xwp: The login implementation in the Web Navigator in Siemens WinCC before 72022-05-17
CVEList
CVE-2013-3958: The login implementation in the Web Navigator in Siemens WinCC before 72013-06-14
CVE-2013-3958 — Siemens Simatic Pcs7 vulnerability | cvebase