Multiple security vulnerabilities in Siemens Tecnomatix FactoryLink

Release date:
Updated on:

Affected Systems:
Siemens Tecnomatix FactoryLink 8.0.1.1473
Description:
--------------------------------------------------------------------------------
Bugtraq id: 46934

Siemens FactoryLink can supervise, manage, and control industrial processes.

Siemens FactoryLink has multiple security vulnerabilities. Remote attackers can exploit these vulnerabilities to obtain sensitive information and run arbitrary code or cause denial of service.

<* Source: Luigi Auriemma (aluigi@pivx.com)
*>

Test method:
--------------------------------------------------------------------------------

Alert

The following procedures (methods) may be offensive and are intended only for security research and teaching. Users are at your own risk!

Click to download exploits.zip

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Siemens
-------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:

Http://www.siemens.com/entry/cc/en/

Http://www.plm.automation.siemens.com/en_us/products/tecnomatix/production_management/factorylink/index.shtml

1 2 Next Page