CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-46141
https://notcve.org/view.php?id=CVE-2022-46141
12 Dec 2023 — A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). An information disclosure vulnerability could allow a local attacker to gain access to the access level password of the SIMATIC S7-1200 and S7-1500 CPUs, when entered by a legitimate user in the hardware configuration of the affected application. Se ha identificado una vulnerabilidad en SIMATIC STEP 7 (TIA Portal) (todas las versiones < V19). Una vulnerabilidad de divulgación de información podría permitir a un ataca... • https://cert-portal.siemens.com/productcert/pdf/ssa-887801.pdf • CWE-312: Cleartext Storage of Sensitive Information CWE-316: Cleartext Storage of Sensitive Information in Memory •
CVSS: 7.8EPSS: 0%CPEs: 78EXPL: 0CVE-2021-42029
https://notcve.org/view.php?id=CVE-2021-42029
12 Apr 2022 — A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 5), SIMATIC STEP 7 (TIA Portal) V17 (All versions < V17 Update 2). An attacker could achieve privilege escalation on the web server of certain devices due to improper access control vulnerability in the engineering system software. The attacker needs to have direct access to the impacted web server. Se ha identificado una vulnerabilidad en SIMATIC STEP 7 (TIA Port... • https://cert-portal.siemens.com/productcert/pdf/ssa-350757.pdf • CWE-284: Improper Access Control •