QwikSec

Security Database

CVE

CWE

Training

CVE-2011-4515

Published: Mar 21, 2013

Modified: Sep 17, 2024

PUBLISHED

Description

Siemens WinCC (TIA Portal) 11 uses a reversible algorithm for storing HMI web-application passwords in world-readable and world-writable files, which allows local users to obtain sensitive information by leveraging (1) physical access or (2) Sm@rt Server access.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://ics-cert.us-cert.gov/pdf/ICSA-13-079-03.pdf

x_refsource_MISC

http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-212483.pdf

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.