ID

VAR-202002-1693


TITLE

SIEMENS SIMATIC S7-200 Smart has weak password vulnerability

Trust: 0.6

sources: CNVD: CNVD-2020-13866

DESCRIPTION

Siemens is the world's leading technology company. With innovations in the fields of electrification, automation and digitalization, Siemens provides customers with solutions in the fields of power generation and transmission and distribution, infrastructure, industrial automation, drives and software. SIEMENS SIMATIC S7-200 Smart has a weak password vulnerability. Attackers can use this vulnerability to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2020-13866

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-13866

AFFECTED PRODUCTS

vendor:siemensmodel:simatic s7-200 smartscope:eqversion:2.x.x

Trust: 0.6

sources: CNVD: CNVD-2020-13866

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2020-13866
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2020-13866
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2020-13866

PATCH

title:SIEMENS SIMATIC S7-200 Smart PLC has weak password vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/196167

Trust: 0.6

sources: CNVD: CNVD-2020-13866

EXTERNAL IDS

db:CNVDid:CNVD-2020-13866

Trust: 0.6

sources: CNVD: CNVD-2020-13866

SOURCES

db:CNVDid:CNVD-2020-13866

LAST UPDATE DATE

2022-05-04T09:42:35.275000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2020-13866date:2020-03-13T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2020-13866date:2020-02-17T00:00:00