Описание
A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions before V1.0.2.2). The existing TLS protocol implementation could allow an attacker to read and modify data within a TLS session while performing a Man-in-the-Middle (MitM) attack.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.2.1 (включая)
cpe:2.3:a:siemens:simatic_wincc_sm\@rtclient:*:*:*:*:*:android:*:*
EPSS
Процентиль: 47%
0.0024
Низкий
7.4 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-300
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.4
github
больше 3 лет назад
A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions before V1.0.2.2). The existing TLS protocol implementation could allow an attacker to read and modify data within a TLS session while performing a Man-in-the-Middle (MitM) attack.
EPSS
Процентиль: 47%
0.0024
Низкий
7.4 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-300
NVD-CWE-noinfo