CVE-2014-4686

The Project administration application in Siemens SIMATIC WinCC before 7.3, as used in PCS7 and other products, has a hardcoded encryption key, which allows remote attackers to obtain sensitive information by extracting this key from another product installation and then employing this key during the sniffing of network traffic on TCP port 1030.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 46%
VendorProductVersion
siemenssimatic_pcs7
𝑥
≤ 8.0
siemenssimatic_pcs7
7.1:sp3
siemenssimatic_pcs7
8.0
siemenswincc
𝑥
≤ 7.2
siemenswincc
5.0
siemenswincc
5.0:sp1
siemenswincc
6.0
siemenswincc
6.0:sp2
siemenswincc
6.0:sp3
siemenswincc
6.0:sp4
siemenswincc
7.0
siemenswincc
7.0:sp1
siemenswincc
7.0:sp2
siemenswincc
7.0:sp3
siemenswincc
7.1
siemenswincc
7.1:sp1
𝑥
= Vulnerable software versions
References
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-214365.pdf