Siemens » Simatic Wincc Runtime : Security Vulnerabilities, CVEs, (CSRF)
The login endpoint /FormLogin in affected web services does not apply proper origin checking.
This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.
Max CVSS
6.5
EPSS Score
0.07%
Published
2022-11-08
Updated
2023-04-11
1 vulnerabilities found