Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4693

Overview

Vulnerability Score 1.9 1.9
CVE Id CVE-2012-4693
Last Modified 19 Dec 2012 12:00:00
Published 18 Dec 2012 07:30:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4693

Summary

Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_security.ini, which makes it easier for local users to discover passwords by reading this file.

Vulnerable Systems

Application

  • Invensys Wonderware Intouch 2012

  • Siemens Processsuite -


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-12-348-01.pdf

CONFIRM - http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-370812.pdf


Last Updated: 27 May 2016 10:47:22