NuytsTech Security

CVE-2012-3032

by ·

SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted SOAP message.

Date published : 2012-09-18

http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf

http://en.securitylab.ru/lab/PT-2012-44

Tags: