Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-5232

Overview

Vulnerability Score 1.9 1.9
CVE Id CVE-2014-5232
Last Modified 22 Jan 2015 09:00:50
Published 14 Jan 2015 06:59:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2014-5232

Summary

The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows local users to bypass an intended application-password requirement by leveraging the running of the app in the background state.

Vulnerable Systems

Application

  • Siemens Simatic Wincc Sm%40rtclient 1.0


References

CONFIRM - http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-311299.pdf

SECTRACK - 1031546


Last Updated: 27 May 2016 11:03:26