Vulnetix
Try Vulnetix Request Demo
CVE-2020-10048 PUBLISHED CVSS 5.5 MEDIUM

A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions < V7.5 SP2). Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing authentication.

EPSS 0.06% · 17.8th percentile

Risk Scores

CVSS v3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
0.06%
17.8th percentile

Affected Products

VendorProductVersions
siemenssimatic_pcs_7
SiemensSIMATIC WinCCAll versions < V7.5 SP2
siemenssimatic_wincc0, 7.5, 7.5
SiemensSIMATIC PCS 7All versions

Timeline

References

Open in Interactive Console →