Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3015

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2012-3015
Last Modified 30 Jul 2012 12:00:00
Published 26 Jul 2012 06:41:47
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2012-3015

Summary

Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder.

Vulnerable Systems

Application

  • Siemens Simatic Pcs7 7.1

  • Siemens Simatic Step 7 5.5


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-12-205-02.pdf

CONFIRM - http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-110665.pdf


Last Updated: 27 May 2016 10:54:58