CVE-2015-1602

Name of the Vulnerable Software and Affected Versions Siemens SIMATIC STEP 7 (TIA Portal) versions 12 and 13 before 13 SP1 Upd1

Description The issue improperly stores password data within project files. This makes it easier for local users to determine cleartext protection-level passwords or web-server passwords by reading these files.

Recommendations For versions 12 and 13 before 13 SP1 Upd1, update to version 13 SP1 Upd1 or later to resolve the issue. As a temporary workaround, consider restricting access to project files to minimize the risk of exploitation.