CVE-2012-3020

Description

The Siemens Synco OZW Web Server devices OZW672.*, OZW772.*, and OZW775 with firmware before 4 have an unspecified default password, which makes it easier for remote attackers to obtain administrative access via a network session.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• http://support.automation.siemens.com/WW/view/en/41929231/130000
• http://www.us-cert.gov/control_systems/pdf/ICSA-12-214-01.pdf
• http://support.automation.siemens.com/WW/view/en/41929231/130000
• http://www.us-cert.gov/control_systems/pdf/ICSA-12-214-01.pdf

CWEs

CWE-255