CVE-2022-33139

by Fred · 21/06/2022

A vulnerability has been identified in SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated.

Date published : 2022-06-21

https://cert-portal.siemens.com/productcert/pdf/ssa-111512.pdf

CVE-2022-33139

Similar

Recent Posts

Categories

CVE-2022-33139

Share this:

Similar

Recent Posts

Categories

Tags