Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4
CVE-2015-1356
- EPSS 0.13%
- Published 18.02.2015 02:59:06
- Last modified 12.04.2025 10:46:40
Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 determines a user's privileges on the basis of project-file fields that lack integrity protection, which allows remote attackers to establish arbitrary authorization data via a modified file.
2.1
CVE-2015-1355
- EPSS 0.06%
- Published 18.02.2015 02:59:05
- Last modified 12.04.2025 10:46:40
Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 uses a weak password-hash algorithm, which makes it easier for local users to determine cleartext passwords by reading a project file and conducting a brute-force attack.
6.9
CVE-2012-3015
- EPSS 0.07%
- Published 26.07.2012 10:41:47
- Last modified 11.04.2025 00:51:21
Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder.