ID
VAR-E-201007-0824
CVE
| cve_id: | CVE-2010-2772 | Trust: 0.3 |
sources:
BID: 41753
TITLE
Siemens SIMATIC WinCC Default Password Security Bypass Vulnerability
Trust: 0.3
sources:
BID: 41753
DESCRIPTION
Siemens SIMATIC WinCC is affected by a vulnerability that allows attackers to bypass security.
An attacker can exploit this issue to bypass certain security restrictions and gain access to the application's database. Successfully exploiting this issue may lead to further attacks.
Trust: 0.3
sources:
BID: 41753
AFFECTED PRODUCTS
| vendor: | siemens | model: | simatic wincc | scope: | eq | version: | 6.2 | Trust: 0.3 |
| vendor: | siemens | model: | simatic wincc | scope: | eq | version: | 0 | Trust: 0.3 |
sources:
BID: 41753
EXPLOIT
An attacker can use readily available tools to exploit this issue.
This issue is being exploited in the wild with W32.Stuxnet (previously known as W32.Temphid).
Trust: 0.3
sources:
BID: 41753
PRICE
Free
Trust: 0.3
sources:
BID: 41753
TYPE
Design Error
Trust: 0.3
sources:
BID: 41753
CREDITS
Siemens
Trust: 0.3
sources:
BID: 41753
EXTERNAL IDS
| db: | NVD | id: | CVE-2010-2772 | Trust: 0.3 |
| db: | BID | id: | 41753 | Trust: 0.3 |
sources:
BID: 41753
REFERENCES
| url: | http://it.slashdot.org/comments.pl?sid=1721020&cid=32920758 | Trust: 0.3 |
| url: | http://support.automation.siemens.com/ww/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=viewhttp://support.automation.siemens.com/ww/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&c | Trust: 0.3 |
| url: | https://www.automation.siemens.com/forum/guests/postshow.aspx?postid=16127&language=en&pageindex=2 | Trust: 0.3 |
| url: | http://aunz.siemens.com/newscentre/productreleases/pages/iac_pr_simaticwinccv62.aspx | Trust: 0.3 |
sources:
BID: 41753
SOURCES
| db: | BID | id: | 41753 |
LAST UPDATE DATE
2022-07-27T09:59:17.875000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 41753 | date: | 2015-03-19T09:27:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 41753 | date: | 2010-07-16T00:00:00 |