Vulnerability Details CVE-2015-5084
The Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite applications before 01.00.01.00 for Android do not properly store passwords, which allows physically proximate attackers to obtain sensitive information via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.5%
CVSS Severity
CVSS v2 Score 2.1
References
- http://www.securityfocus.com/bid/75981
- http://www.securitytracker.com/id/1033021
- http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-267489.pdf
- https://ics-cert.us-cert.gov/advisories/ICSA-15-202-02
- http://www.securityfocus.com/bid/75981
- http://www.securitytracker.com/id/1033021
- http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-267489.pdf
- https://ics-cert.us-cert.gov/advisories/ICSA-15-202-02
Products affected by CVE-2015-5084
-
cpe:2.3:a:siemens:simatic_wincc_sm@rtclient:1.0
-
cpe:2.3:a:siemens:simatic_wincc_sm@rtclient_lite:1.0