Username and Password Disclosure in Siemens WinCC 7.0 SP3 and Earlier

Username and Password Disclosure in Siemens WinCC 7.0 SP3 and Earlier

CVE-2012-3034 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified methods in ActiveX controls.

Learn more about our User Device Pen Test.