Siemens SIMATIC WinCC OA CVE-2018-13799 Access Bypass Vulnerability
BID:105332
CVE-2018-13799 |Info
Siemens SIMATIC WinCC OA CVE-2018-13799 Access Bypass Vulnerability
| Bugtraq ID: | 105332 |
| Class: | Access Validation Error |
| CVE: |
CVE-2018-13799 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 11 2018 12:00AM |
| Updated: | Sep 11 2018 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Siemens SIMATIC WinCC OA 3.8 Siemens SIMATIC WinCC OA 3.14 Siemens SIMATIC WinCC OA 3.12 P002 Siemens SIMATIC WinCC OA 3.12 |
| Not Vulnerable: |
Siemens SIMATIC WinCC OA 3.14-P021 |
Discussion
Siemens SIMATIC WinCC OA CVE-2018-13799 Access Bypass Vulnerability
Siemens SIMATIC WinCC OA is prone to an access-bypass vulnerability.
An attacker can exploit this issue to gain elevated privileges.
Versions prior to SIMATIC WinCC OA 3.14-P021 are vulnerable.
Siemens SIMATIC WinCC OA is prone to an access-bypass vulnerability.
An attacker can exploit this issue to gain elevated privileges.
Versions prior to SIMATIC WinCC OA 3.14-P021 are vulnerable.
Exploit / POC
Siemens SIMATIC WinCC OA CVE-2018-13799 Access Bypass Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].