GHSA-wg4m-r562-77pw

Опубликовано: 10 фев. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V17 (All versions >= V17 Update 2), SIMATIC WinCC V7.4 and earlier (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The affected component stores the credentials of a local system account in a potentially publicly accessible project file using an outdated cipher algorithm. An attacker may use this to brute force the credentials and take over the system.

Ссылки

EPSS

Процентиль: 7%

0.00026

Низкий

7.8 High

CVSS3

CVE ID

CVE-2021-40363

Дефекты

CWE-312

CWE-538

Связанные уязвимости

CVE-2021-40363

CVSS3: 7.8

nvd

почти 4 года назад

A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V17 (All versions <= V17 Update 4), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The affected component stores the credentials of a local system account in a potentially publicly accessible project file using an outdated cipher algorithm. An attacker may use this to brute force the credentials and take over the system.

BDU:2022-04927

CVSS3: 5.5

fstec

почти 4 года назад

Уязвимость программного обеспечения продуктов Siemens SIMATIC, связанная с утечкой информации о файлах и каталогах, позволяющая нарушителю получить учетные данные

EPSS

Процентиль: 7%

0.00026

Низкий

7.8 High

CVSS3

CVE ID

CVE-2021-40363

Дефекты

CWE-312

CWE-538