Sign-up

ID

VAR-201212-0033


CVE

CVE-2012-4693


TITLE

Siemens ProcessSuite/Invensys Wonderware InTouch Local Information Disclosure Vulnerability

Trust: 1.6

sources: IVD: 2bdb356a-2353-11e6-abef-000c29c66e3d // IVD: 2d9d0cc0-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-7479 // CNNVD: CNNVD-201212-204

DESCRIPTION

Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_security.ini, which makes it easier for local users to discover passwords by reading this file. Siemens ProcessSuite/Invensys Wonderware InTouch is the distributed control system \"APACS\". ProcessSuite is mostly used in manufacturing, oil and gas, and chemical fields. InTouch is an HMI software. Since the user management system containing the password is stored in the file \"Ps_security.ini\" in a reversible format, users with read access can exploit this vulnerability to obtain password information and log in as a privileged user, affecting system integrity, availability, and confidentiality. Successful attacks can allow a local attacker to gain unauthorized access to the password file. Information obtained may lead to further attacks

Trust: 2.88

sources: NVD: CVE-2012-4693 // JVNDB: JVNDB-2012-005760 // CNVD: CNVD-2012-7479 // BID: 56934 // IVD: 2bdb356a-2353-11e6-abef-000c29c66e3d // IVD: 2d9d0cc0-2353-11e6-abef-000c29c66e3d // VULHUB: VHN-57974

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.0

sources: IVD: 2bdb356a-2353-11e6-abef-000c29c66e3d // IVD: 2d9d0cc0-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-7479

AFFECTED PRODUCTS

vendor:siemensmodel:processsuitescope:eqversion: -

Trust: 1.6

vendor:siemensmodel:processsuitescope: - version: -

Trust: 1.4

vendor:invensysmodel:wonderware intouchscope:lteversion:2012

Trust: 1.0

vendor:invensysmodel:intouchscope:lteversion:2012 r2

Trust: 0.8

vendor:wonderwaremodel:intouch r2scope:lteversion:<=2012

Trust: 0.6

vendor:wonderware intouchmodel: - scope:eqversion:*

Trust: 0.4

vendor:processsuitemodel: - scope:eqversion: -

Trust: 0.4

vendor:siemensmodel:processsuitescope:eqversion:0

Trust: 0.3

vendor:invensysmodel:wonderware intouch r2scope:eqversion:2012

Trust: 0.3

sources: IVD: 2bdb356a-2353-11e6-abef-000c29c66e3d // IVD: 2d9d0cc0-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-7479 // BID: 56934 // JVNDB: JVNDB-2012-005760 // CNNVD: CNNVD-201212-204 // NVD: CVE-2012-4693

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-4693
value: LOW

Trust: 1.0

NVD: CVE-2012-4693
value: LOW

Trust: 0.8

CNNVD: CNNVD-201212-204
value: LOW

Trust: 0.6

IVD: 2bdb356a-2353-11e6-abef-000c29c66e3d
value: LOW

Trust: 0.2

IVD: 2d9d0cc0-2353-11e6-abef-000c29c66e3d
value: LOW

Trust: 0.2

VULHUB: VHN-57974
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2012-4693
severity: LOW
baseScore: 1.9
vectorString: AV:L/AC:M/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.4
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

IVD: 2bdb356a-2353-11e6-abef-000c29c66e3d
severity: LOW
baseScore: 1.9
vectorString: AV:L/AC:M/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.4
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 2d9d0cc0-2353-11e6-abef-000c29c66e3d
severity: LOW
baseScore: 1.9
vectorString: AV:L/AC:M/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.4
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-57974
severity: LOW
baseScore: 1.9
vectorString: AV:L/AC:M/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.4
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 2bdb356a-2353-11e6-abef-000c29c66e3d // IVD: 2d9d0cc0-2353-11e6-abef-000c29c66e3d // VULHUB: VHN-57974 // JVNDB: JVNDB-2012-005760 // CNNVD: CNNVD-201212-204 // NVD: CVE-2012-4693

PROBLEMTYPE DATA

problemtype:CWE-310

Trust: 1.9

sources: VULHUB: VHN-57974 // JVNDB: JVNDB-2012-005760 // NVD: CVE-2012-4693

THREAT TYPE

local

Trust: 0.9

sources: BID: 56934 // CNNVD: CNNVD-201212-204

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201212-204

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-005760

PATCH
title:Top Pageurl:http://iom.invensys.com/EN/Pages/home.aspx
Trust: 0.8
title:Top Pageurl:http://www.siemens.com/entry/cc/en/
Trust: 0.8
title:SSA-370812: Insecure Password Storage in Siemens ProcessSuite (discontinued product)url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-370812.pdf
Trust: 0.8
title:Wonderware 日本のパートナーurl:http://global.wonderware.com/JP/Pages/JpPartnersSI.aspx
Trust: 0.8
title:シーメンスソリューションパートナーurl:http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx
Trust: 0.8
title:シーメンス・ジャパン株式会社url:http://www.siemens.com/answers/jp/ja/
Trust: 0.8
title:Wonderware Top Pageurl:http://global.wonderware.com/JP/pages/default.aspx
Trust: 0.8
title:Siemens ProcessSuite/Invensys Wonderware InTouch Local Information Disclosure Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/26553
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2012-7479 // 
            
            
            
            JVNDB: JVNDB-2012-005760

EXTERNAL IDS
db:NVDid:CVE-2012-4693
Trust: 3.8
db:ICS CERTid:ICSA-12-348-01
Trust: 3.1
db:SIEMENSid:SSA-370812
Trust: 1.7
db:CNNVDid:CNNVD-201212-204
Trust: 1.1
db:CNVDid:CNVD-2012-7479
Trust: 1.0
db:BIDid:56934
Trust: 1.0
db:JVNDBid:JVNDB-2012-005760
Trust: 0.8
db:IVDid:2BDB356A-2353-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:IVDid:2D9D0CC0-2353-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:VULHUBid:VHN-57974
Trust: 0.1
sources:
            
            
            IVD: 2bdb356a-2353-11e6-abef-000c29c66e3d // 
            
            
            
            IVD: 2d9d0cc0-2353-11e6-abef-000c29c66e3d // 
            
            
            
            CNVD: CNVD-2012-7479 // 
            
            
            
            VULHUB: VHN-57974 // 
            
            
            
            BID: 56934 // 
            
            
            
            JVNDB: JVNDB-2012-005760 // 
            
            
            
            CNNVD: CNNVD-201212-204 // 
            
            
            
            NVD: CVE-2012-4693

REFERENCES
url:http://www.us-cert.gov/control_systems/pdf/icsa-12-348-01.pdf
Trust: 3.1
url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-370812.pdf
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4693
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4693
Trust: 0.8
url:http://www.securityfocus.com/bid/56934
Trust: 0.6
url:http://subscriber.communications.siemens.com/
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2012-7479 // 
            
            
            
            VULHUB: VHN-57974 // 
            
            
            
            BID: 56934 // 
            
            
            
            JVNDB: JVNDB-2012-005760 // 
            
            
            
            CNNVD: CNNVD-201212-204 // 
            
            
            
            NVD: CVE-2012-4693

CREDITS
Seth Bromberger of NCI Security
Trust: 0.9
sources:
            
            
            BID: 56934 // 
            
            
            
            CNNVD: CNNVD-201212-204

SOURCES
db:IVDid:2bdb356a-2353-11e6-abef-000c29c66e3d
db:IVDid:2d9d0cc0-2353-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2012-7479
db:VULHUBid:VHN-57974
db:BIDid:56934
db:JVNDBid:JVNDB-2012-005760
db:CNNVDid:CNNVD-201212-204
db:NVDid:CVE-2012-4693

LAST UPDATE DATE
2025-04-11T23:04:10.335000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2012-7479date:2012-12-17T00:00:00
db:VULHUBid:VHN-57974date:2012-12-19T00:00:00
db:BIDid:56934date:2012-12-13T00:00:00
db:JVNDBid:JVNDB-2012-005760date:2012-12-20T00:00:00
db:CNNVDid:CNNVD-201212-204date:2012-12-17T00:00:00
db:NVDid:CVE-2012-4693date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:IVDid:2bdb356a-2353-11e6-abef-000c29c66e3ddate:2012-12-17T00:00:00
db:IVDid:2d9d0cc0-2353-11e6-abef-000c29c66e3ddate:2012-12-17T00:00:00
db:CNVDid:CNVD-2012-7479date:2012-12-17T00:00:00
db:VULHUBid:VHN-57974date:2012-12-18T00:00:00
db:BIDid:56934date:2012-12-13T00:00:00
db:JVNDBid:JVNDB-2012-005760date:2012-12-20T00:00:00
db:CNNVDid:CNNVD-201212-204date:2012-12-17T00:00:00
db:NVDid:CVE-2012-4693date:2012-12-18T12:30:05.857