Information disclosure in Siemens Simatic_wincc_sm\@rtclient

CVE-2015-5084

The Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite applications before 01.00.01.00 for Android do not properly store passwords, which allows physically proximate attackers to obtain sensitive information via unspecified vectors.

Vulnerability class: Information Disclosure

EPSS: 0.001 (26.7th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
75981 (vdb-entry, x_refsource_BID)
1033021 (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (US Government Resource, Third Party Advisory, x_refsource_MISC)