Untrusted Search Path Vulnerability in Siemens SIMATIC STEP7: Privilege Escalation via Trojan Horse DLL

Untrusted Search Path Vulnerability in Siemens SIMATIC STEP7: Privilege Escalation via Trojan Horse DLL

CVE-2012-3015 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder.

Learn more about our User Device Pen Test.