CVE-2015-1594
Published Mar 7, 2015
Last updated 8 years ago
Overview
- Description
- Untrusted search path vulnerability in Siemens SIMATIC ProSave before 13 SP1; SIMATIC CFC before 8.0 SP4 Upd9 and 8.1 before Upd1; SIMATIC STEP 7 before 5.5 SP1 HF2, 5.5 SP2 before HF7, 5.5 SP3, and 5.5 SP4 before HF4; SIMOTION Scout before 4.4; and STARTER before 4.4 HF3 allows local users to gain privileges via a Trojan horse application file.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.9
- Impact score
- 10
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Evaluator
- Comment
- <a href="http://cwe.mitre.org/data/definitions/426.html">CWE-426: Untrusted Search Path</a>
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:starter:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "501269A6-E397-4D1D-9F70-269E6E283449",
"versionEndIncluding": "4.4"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_prosave:13.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC729DF0-989D-419B-9116-E5A4B8C3BA36"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simotion_scout:*:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "34604902-7B50-46C4-BD8B-A0DE87830C0B",
"versionEndIncluding": "4.3"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_cfc:*:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1673541E-F7D7-4D3A-B726-2A9652A40391",
"versionEndIncluding": "8.0"
},
{
"criteria": "cpe:2.3:a:siemens:simatic_cfc:8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AC9F34FA-9354-4B05-A27B-BE0BD64C3AE8"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:*:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57265D20-9AA4-47E9-BFE9-7DF015F2EAF8",
"versionEndIncluding": "5.5"
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:5.5:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A3980E15-DB30-4CD8-B38C-734D56C2C076"
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:5.5:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "747A5E70-8D94-43D3-83C3-F7E78301024A"
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:5.5:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26960308-B20D-414D-AB84-8C93C101E397"
}
],
"operator": "OR"
}
]
}
]