WebNavigator in Siemens WinCC 7.0 SP3 and previous versions, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote malicious users to read a (1) log file or (2) configuration file via a direct request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
siemens wincc 6.0 |
||
siemens simatic pcs7 8.0 |
||
siemens wincc |
||
siemens wincc 7.0 |
||
siemens wincc 5.0 |