CVE-2012-3020

Siemens Synco OZW - Info Disclosure

Title source: llm

Description

The Siemens Synco OZW Web Server devices OZW672.*, OZW772.*, and OZW775 with firmware before 4 have an unspecified default password, which makes it easier for remote attackers to obtain administrative access via a network session.

References (2)

Core 2

Core References

US Government Resource x_refsource_misc

http://www.us-cert.gov/control_systems/pdf/ICSA-12-214-01.pdf

Various Sources x_refsource_misc

http://support.automation.siemens.com/WW/view/en/41929231/130000

Scores

EPSS 0.0044

EPSS Percentile 63.4%

Details

CWE

CWE-255

Status published

Products (9)

siemens/synco_ozw_web_server ozw672.01

siemens/synco_ozw_web_server ozw672.04

siemens/synco_ozw_web_server ozw672.16

siemens/synco_ozw_web_server ozw772.01

siemens/synco_ozw_web_server ozw772.04

siemens/synco_ozw_web_server ozw772.16

siemens/synco_ozw_web_server ozw772.250

siemens/synco_ozw_web_server ozw775

siemens/synco_ozw_web_server_firmware < 3.0

Published Aug 06, 2012

Tracked Since Feb 18, 2026