cve/CVE-2010-2772.md at a1f7af13e63bb8df7e5f4b4213aa3bc22aa59913

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568.

POC

Reference

http://infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725
http://www.wired.com/threatlevel/2010/07/siemens-scada/

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Reakt0rPhantom/Stuxnet-Rootkit
https://github.com/ic3sw0rd/S7_plus_Crash
https://github.com/nukIeer/stuxnet
https://github.com/ring0-c0d3-br34k3r/Stuxnet-Rootkit
https://github.com/rodrigosilvaluz/STUXNET_DEEP_DIVE
https://github.com/s3mPr1linux/STUXNET_DEEP_DIVE
https://github.com/uraninite/stuxnet
https://github.com/uraninite/win32-stuxnet
https://github.com/x86byte/Stuxnet-Rootkit

1.2 KiB Raw Blame History

CVE-2010-2772

Description

POC

Reference

Github

1.2 KiB

Raw Blame History