Vulnerability Details : CVE-2010-2772
Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568.
Exploit prediction scoring system (EPSS) score for CVE-2010-2772
Probability of exploitation activity in the next 30 days: 0.09%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 38 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-2772
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2010-2772
-
Assigned by: nvd@nist.gov (Primary)
-
The product contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-2772
-
http://www.automation.siemens.com/forum/guests/PostShow.aspx?PostID=16127&16127&Language=en&PageIndex=1
Wincc Database problem - Entries - Forum - Industry Support - SiemensBroken Link
-
http://www.f-secure.com/weblog/archives/00001987.html
News from the Lab Archive : January 2004 to September 2015Third Party Advisory
-
http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/
Experts Warn of New Windows Shortcut Flaw — Krebs on SecurityPress/Media Coverage
-
http://www.wired.com/threatlevel/2010/07/siemens-scada/
SCADA System's Hard-Coded Password Circulated Online for Years | WIREDPress/Media Coverage;Third Party Advisory
-
http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=viewhttp://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&c
SIMATIC WinCC / SIMATIC PCS 7: Information about Malware / Viruses / Trojan horses - ID: 43876783 - Industry Support SiemensNot Applicable
-
http://www.vupen.com/english/advisories/2010/1893
Webmail | OVH- OVHBroken Link
-
http://ics-cert.us-cert.gov/advisories/ICSA-12-205-01
Siemens WinCC Insecure SQL Server Authentication | CISAThird Party Advisory;US Government Resource
-
http://infoworld.com/d/security-central/siemens-warns-users-dont-change-passwords-after-worm-attack-915?sourcefssr
Siemens warns users: Don't change passwords after worm attack | InfoWorldPress/Media Coverage
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/60587
Siemens Simatic WinCC default password CVE-2010-2772 Vulnerability ReportThird Party Advisory;VDB Entry
-
http://www.sea.siemens.com/us/News/Industrial/Pages/WinCC_Update.aspx
Broken Link;Vendor Advisory
-
http://www.securityfocus.com/bid/41753
Siemens SIMATIC WinCC Default Password Security Bypass VulnerabilityBroken Link;Third Party Advisory;VDB Entry
-
http://secunia.com/advisories/40682
Sign inBroken Link
-
http://infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725
New 'weaponized' virus targets industrial secrets | InfoWorldPress/Media Coverage
-
http://www.wilderssecurity.com/showpost.php?p=1712134&postcount=22
Rootkit.TmpHider | Wilders Security ForumsExploit;Issue Tracking
Products affected by CVE-2010-2772
- cpe:2.3:a:siemens:simatic_wincc:6.2:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:simatic_wincc:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:simatic_pcs_7:7.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:siemens:simatic_pcs_7:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:simatic_pcs_7:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:simatic_pcs_7:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:simatic_pcs_7:7.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:siemens:simatic_pcs_7:7.0:-:*:*:*:*:*:*