CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-3034

WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified methods in ActiveX controls.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.7%

CVSS Severity

CVSS v2 Score 4.3

References

http://en.securitylab.ru/lab/PT-2012-45
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf
http://www.us-cert.gov/control_systems/pdf/ICSA-12-256-01.pdf
http://en.securitylab.ru/lab/PT-2012-45
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf
http://www.us-cert.gov/control_systems/pdf/ICSA-12-256-01.pdf

Products affected by CVE-2012-3034

Siemens » Simatic Pcs7 » Version: 8.0

cpe:2.3:a:siemens:simatic_pcs7:8.0
Siemens » Wincc » Version: 5.0

cpe:2.3:a:siemens:wincc:5.0
Siemens » Wincc » Version: 6.0

cpe:2.3:a:siemens:wincc:6.0
Siemens » Wincc » Version: 7.0

cpe:2.3:a:siemens:wincc:7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-3034

Products

Pricing

Contact Us