Privilege Assignment Vulnerability in Siemens WinCC

Privilege Assignment Vulnerability in Siemens WinCC

CVE-2013-0676 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.