Lucene search

IcscertCVELIST:CVE-2012-3015

HistoryJul 26, 2012 - 10:00 a.m.

CVE-2012-3015

2012-07-2610:00:00

icscert

www.cve.org

siemens

simatic step7

vulnerability

untrusted search path

trojan horse dll

local users

privileges

pcs7

sp3

cve-2012-3015

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

32.6%

JSON

Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder.

References

www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-110665.pdf

www.us-cert.gov/control_systems/pdf/ICSA-12-205-02.pdf