First published: Wed Feb 18 2015(Updated: )
Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 determines a user's privileges on the basis of project-file fields that lack integrity protection, which allows remote attackers to establish arbitrary authorization data via a modified file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens SIMATIC STEP 7 | <=13.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.