Vulnerability in Siemens Simatic_pcs7
CVE-2014-4686
The Project administration application in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, has a hardcoded encryption key, which allows remote attackers to obtain sensitive information by extracting this key from anoth…
EPSS: 0.002 (46.1th percentile) — read the EPSS interpretation.
Affected products
- Siemens Simatic_pcs7 — versions 7.1, 8.0
- Siemens Wincc — versions 5.0, 6.0, 7.0
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)