Simatic Wincc Sm Rtclient
CVE-2014-5232
LOW
Severity by source
AV:L/AC:M/Au:N/C:N/I:P/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:L/AC:M/Au:N/C:N/I:P/A:N
Lifecycle Timeline
1DescriptionCVE.org
The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows local users to bypass an intended application-password requirement by leveraging the running of the app in the background state.
AnalysisAI
The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows local users to bypass an intended application-password requirement by leveraging the running of the app in the background state. Rated low severity (CVSS 1.9). No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-264. The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows local users to bypass an intended application-password requirement by leveraging the running of the app in the background state. Affected products include: Siemens Simatic Wincc Sm\@Rtclient. Version information: before 1.0.2.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Simatic Wincc Sm Rtclient
View allA vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions before V1.0.2.2). Rated hi
A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions before V1.0.2.2) and SIMAT
The Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite applications before 01.00.01.00 for Android do not properly s
The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows physically proximate attackers to extract the pass
The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows physically proximate attackers to discover Sm@rtSe
Same technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today