Main Vulnerability Database SB2023121337

SB2023121337 - Cleartext storage of sensitive information in Siemens SIMATIC STEP 7 (TIA Portal)

Published: December 13, 2023

Security Bulletin ID SB2023121337

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Information disclosure

Description

This security bulletin contains information about 1 security vulnerability.

1) Cleartext storage of sensitive information (CVE-ID: CVE-2022-46141)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to cleartext storage of sensitive information in memory. A local administrator can gain access to sensitive information.

Install update from vendor's website.