漏洞信息详情
Siemens SIMATIC WinCC Sm@rtClient for CMS.zone.ci/e/tags/htag.php?tag=Android target=_blank class=infotextkey>Android和CMS.zone.ci/e/tags/htag.php?tag=Android target=_blank class=infotextkey>Android Lite 安全漏洞
- CNNVD编号:CNNVD-201703-626
- 危害等级: 中危
- CVE编号: CVE-2017-6871
- 漏洞类型: 授权问题
- 发布时间: 2017-03-16
- 威胁类型: 本地
- 更新时间: 2019-10-17
- 厂 商: siemens
- 漏洞来源:
漏洞简介
Siemens SIMATIC WinCC Sm@rtClient for CMS.zone.ci/e/tags/htag.php?tag=Android target=_blank class=infotextkey>Android和SIMATIC WinCC Sm@rtClient for CMS.zone.ci/e/tags/htag.php?tag=Android target=_blank class=infotextkey>Android Lite都是德国西门子(Siemens)公司的产品。Siemens SIMATIC WinCC Sm@rtClient for CMS.zone.ci/e/tags/htag.php?tag=Android target=_blank class=infotextkey>Android是一套基于CMS.zone.ci/e/tags/htag.php?tag=Android target=_blank class=infotextkey>Android平台并且提供远程移动操作和观察SIMATIC HMI系统的客户端应用程序。SIMATIC WinCC Sm@rtClient for CMS.zone.ci/e/tags/htag.php?tag=Android target=_blank class=infotextkey>Android Lite是它的精简版。
Siemens SIMATIC WinCC Sm@rtClient for CMS.zone.ci/e/tags/htag.php?tag=Android target=_blank class=infotextkey>Android V1.0.2.2之前的版本和SIMATIC WinCC Sm@rtClient for CMS.zone.ci/e/tags/htag.php?tag=Android target=_blank class=infotextkey>Android Lite V1.0.2.2之前的版本中存在安全漏洞。攻击者可利用该漏洞绕过应用程序身份验证机制解锁电话,影响应用程序运行。
漏洞公告
目前厂商已发布升级补丁以修复漏洞,补丁获取链接:
https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-589378.pdf
参考网址
来源:BID
链接:https://www.securityfocus.com/bid/99582
来源:CONFIRM
链接:https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-589378.pdf
受影响实体
- Siemens Simatic_wincc_sm%40rtclient:1.0.2.1:~~~CMS.zone.ci/e/tags/htag.php?tag=Android target=_blank class=infotextkey>Android~~
- Siemens Simatic_wincc_sm%40rtclient_lite:1.0.2.1:~~~CMS.zone.ci/e/tags/htag.php?tag=Android target=_blank class=infotextkey>Android~~
补丁
- Siemens SIMATIC WinCC Sm@rtClient for CMS.zone.ci/e/tags/htag.php?tag=Android target=_blank class=infotextkey>Android和CMS.zone.ci/e/tags/htag.php?tag=Android target=_blank class=infotextkey>Android Lite 安全漏洞的修复措施
评论