CVE-2014-5233

Loading...

General

Score:1.9/10.0
Severity:Low
Category:Information Leak / Disclosure

Impact Metrics

Confidentiality:Partial
Integrity:None
Availability:None

Exploitability Metrics

Access Vector:Local
Access Complexity:Medium
Authentication:None

Published on 14/01/15 - Updated on 13/11/15

Description

The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows physically proximate attackers to discover Sm@rtServer credentials by leveraging an error in the credential-processing mechanism.

Category: Information Leak / Disclosure

CWE-200 (Information Exposure)
An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.

Security Notices

US National Vulnerability DatabaseCVE-2014-5233
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2015-AVI-022

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
siemenssimatic_wincc_sm@rtclient

Share this vulnerability with:

Twitter Facebook LinkedIn Mail