QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-13811

Back to search

CVE-2018-13811

Published: Dec 13, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All Versions < V15.1). Password hashes with insufficient computational effort could allow an attacker to access to a project file and reconstruct passwords. The vulnerability could be exploited by an attacker with local access to the project file. No user interaction is required to exploit the vulnerability. The vulnerability could allow the attacker to obtain certain passwords from the project. At the time of advisory publication no public exploitation of this vulnerability was known.

VendorProductVersions

Siemens AG

SIMATIC STEP 7 (TIA Portal)

affected
SIMATIC STEP 7 (TIA Portal) : All Versions < V15.1

Weaknesses (CWE)

CWE-916

References

105926
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now