CVE-2010-2772 - Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to

CVE-2010-2772

Summary

Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568.

References

Vulnerable Configurations

cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:6.2:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:6.2:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.0:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_wincc:7.0:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:6.0:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:6.0:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:6.1:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:6.1:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:7.0:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:7.0:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:7.0:sp1:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:7.0:sp1:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:7.1:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:7.1:*:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:7.1:sp1:*:*:*:*:*:*
cpe:2.3:a:siemens:simatic_pcs_7:7.1:sp1:*:*:*:*:*:*

CVSS

Base:	6.9 (as of 17-08-2017 - 01:32)
Impact:
Exploitability:

CWE

CWE-255

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:M/Au:N/C:C/I:C/A:C

refmap via4

bid	41753
confirm	http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=viewhttp://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&c http://www.sea.siemens.com/us/News/Industrial/Pages/WinCC_Update.aspx
misc	http://ics-cert.us-cert.gov/advisories/ICSA-12-205-01 http://infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725 http://infoworld.com/d/security-central/siemens-warns-users-dont-change-passwords-after-worm-attack-915?sourcefssr http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/ http://www.automation.siemens.com/forum/guests/PostShow.aspx?PostID=16127&16127&Language=en&PageIndex=1 http://www.f-secure.com/weblog/archives/00001987.html http://www.wilderssecurity.com/showpost.php?p=1712134&postcount=22 http://www.wired.com/threatlevel/2010/07/siemens-scada/
secunia	40682
vupen	ADV-2010-1893
xf	simatic-wincc-default-password(60587)

Last major update

17-08-2017 - 01:32

Published

22-07-2010 - 05:43

Last modified

17-08-2017 - 01:32