Siemens SIMATIC STEP 7 (TIA Portal) prior to 13 SP1 determines a user's privileges on the basis of project-file fields that lack integrity protection, which allows remote malicious users to establish arbitrary authorization data via a modified file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
siemens simatic step 7 |