CVE-2012-3034 Information

Description

WebNavigator in Siemens WinCC 7.0 SP3 and earlier as used in SIMATIC PCS7 and other products allows remote attackers to discover a username and password via crafted parameters to unspecified methods in ActiveX controls.

Reference

http://en.securitylab.ru/lab/PT-2012-45 http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf http://www.us-cert.gov/control_systems/pdf/ICSA-12-256-01.pdf