CVE-2015-5084
SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite < 1.0 - Unprotected Password Exposure
Title source: llmDescription
The Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite applications before 01.00.01.00 for Android do not properly store passwords, which allows physically proximate attackers to obtain sensitive information via unspecified vectors.
References (4)
Core 4
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-267489.pdf
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/75981
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033021
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-15-202-02
Scores
EPSS
0.0010
EPSS Percentile
26.5%
Details
CWE
CWE-200
Status
published
Products (2)
siemens/simatic_wincc_sm\@rtclient
< 1.0
siemens/simatic_wincc_sm\@rtclient_lite
< 1.0
Published
Aug 03, 2015
Tracked Since
Feb 18, 2026