CVE-2017-2684

Summary

Siemens SIMATIC Logon prior to V1.5 SP3 Update 2 could allow an attacker with knowledge of a valid user name, and physical or network access to the affected system, to bypass the application-level authentication.

Affected Software

VendorProductVersion RangeStatus
n/aSIMATIC Logon All versions < V1.5 SP3 Update 2SIMATIC Logon All versions < V1.5 SP3 Update 2affected

Weaknesses

  • CWE-592: CWE-592: Authentication Bypass Issues

ADP Enrichment

CVE Program Container

Additional References

References