CVE-2010-2772
HIGH
EXPLOITED IN THE WILD
Siemens Simatic WinCC PCS 7 SCADA - Privilege Escalation
Title source: llm
Exploitation Summary
CVE-2010-2772 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io).
Description
Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568.
References (14)
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/60587
Third Party Advisory x_refsource_misc
http://www.f-secure.com/weblog/archives/00001987.html
Press/Media Coverage x_refsource_misc
http://infoworld.com/d/security-central/siemens-warns-users-dont-change-passwords-after-worm-attack-915?sourcefssr
Not Applicable x_refsource_confirm
http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=view
Third Party Advisory, US Government Resource x_refsource_misc
http://ics-cert.us-cert.gov/advisories/ICSA-12-205-01
Broken Link x_refsource_misc
http://www.automation.siemens.com/forum/guests/PostShow.aspx?PostID=16127&16127&Language=en&PageIndex=1
Broken Link vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1893
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/40682
Press/Media Coverage x_refsource_misc
http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/
Broken Link, Vendor Advisory x_refsource_confirm
http://www.sea.siemens.com/us/News/Industrial/Pages/WinCC_Update.aspx
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/41753
Press/Media Coverage x_refsource_misc
http://infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725
Exploit, Issue Tracking x_refsource_misc
http://www.wilderssecurity.com/showpost.php?p=1712134&postcount=22
Press/Media Coverage, Third Party Advisory x_refsource_misc
http://www.wired.com/threatlevel/2010/07/siemens-scada/
Scores
CVSS v3
7.8
EPSS
0.0028
EPSS Percentile
51.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2010-10-01
InTheWild.io
2017-08-17
CWE
CWE-798
Status
published
Products (6)
siemens/simatic_pcs_7
6.0
siemens/simatic_pcs_7
6.1
siemens/simatic_pcs_7
7.0 (2 CPE variants)
siemens/simatic_pcs_7
7.1 (2 CPE variants)
siemens/simatic_wincc
6.2
siemens/simatic_wincc
7.0
Published
Jul 22, 2010
Tracked Since
Feb 18, 2026