CVE-2012-3020

Published: Aug 6, 2012Modified: Apr 29, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

The Siemens Synco OZW Web Server devices OZW672.*, OZW772.*, and OZW775 with firmware before 4 have an unspecified default password, which makes it easier for remote attackers to obtain administrative access via a network session.

Affected (9)

Products: Siemens: Synco Ozw Web Server, Synco Ozw Web Server Firmware

Siemens

2 products

Synco Ozw Web Server

Synco Ozw Web Server Firmware

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Siemens Synco Ozw Web Server	Version ozw672.01
Siemens Synco Ozw Web Server	Version ozw672.04
Siemens Synco Ozw Web Server	Version ozw672.16
Siemens Synco Ozw Web Server	Version ozw772.01
Siemens Synco Ozw Web Server	Version ozw772.04
Siemens Synco Ozw Web Server	Version ozw772.16
Siemens Synco Ozw Web Server	Version ozw772.250
Siemens Synco Ozw Web Server	Version ozw775
Siemens Synco Ozw Web Server Firmware	Up to 3.0

Related CWEs

CWE-255

References (4)

http://support.automation.siemens.com/WW/view/en/41929231/130000

Source: ics-cert@hq.dhs.gov

http://www.us-cert.gov/control_systems/pdf/ICSA-12-214-01.pdf

Source: ics-cert@hq.dhs.gov

US Government Resource

http://support.automation.siemens.com/WW/view/en/41929231/130000

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.us-cert.gov/control_systems/pdf/ICSA-12-214-01.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

Timeline

No history available yet.