The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows local users to bypass an intended application-password requirement by leveraging the running of the app in the background state.
Low
Date | CVE | Title | CVSS |
---|---|---|---|
2015-01-14 | CVE-2014-5233 | Information Leak / Disclosure vulnerability in Siemens Simatic Wincc SM%40Rtclient 1.0 | 1.9 |
2015-01-14 | CVE-2014-5231 | Information Leak / Disclosure vulnerability in Siemens Simatic Wincc SM%40Rtclient 1.0 | 2.1 |