Back to search
CVE-2018-4847
Published: Apr 23, 2018
Modified: Sep 17, 2024
PUBLISHED
Description
A vulnerability has been identified in SIMATIC WinCC OA Operator iOS App (All versions < V1.4). Insufficient protection of sensitive information (e.g. session key for accessing server) in Siemens WinCC OA Operator iOS app could allow an attacker with physical access to the mobile device to read unencrypted data from the app's directory. Siemens provides mitigations to resolve the security issue.
| Vendor | Product | Versions |
|---|---|---|
Siemens AG | SIMATIC WinCC OA Operator iOS App | affected All versions < V1.4 |
Weaknesses (CWE)
References
103941
vdb-entry
x_refsource_BID
https://cert-portal.siemens.com/productcert/pdf/ssa-597741.pdf
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now