{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-20T03:56:30.364","vulnerabilities":[{"cve":{"id":"CVE-2012-3032","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2012-09-18T14:55:01.537","lastModified":"2026-06-16T23:42:32.467","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted SOAP message."},{"lang":"es","value":"Vulnerabilidad de inyección SQL en Siemens WinCC v7.0 SP3 y anteriores, como se usa en SIMATIC PCS7 y otros productos, permite a atacantes remotos ejecutar comandos SQL de su elección a través de un mensaje SOAP modificado."}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*","matchCriteriaId":"E8B894F4-9635-4436-BC0A-E43280426017"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:wincc:*:sp3:*:*:*:*:*:*","versionEndIncluding":"7.0","matchCriteriaId":"5AC094B0-B1BE-436D-A8D3-2008D0CDE070"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:wincc:5.0:*:*:*:*:*:*:*","matchCriteriaId":"B4CB277F-7ECB-4F44-8BB5-A3D350486EE7"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:wincc:5.0:sp1:*:*:*:*:*:*","matchCriteriaId":"616535F1-F609-408B-AE48-61ACF48748A1"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:wincc:6.0:*:*:*:*:*:*:*","matchCriteriaId":"7F322FCB-32F4-4C5A-A7F5-F7EF41188C88"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:wincc:6.0:sp2:*:*:*:*:*:*","matchCriteriaId":"69822DB4-DC79-4F88-A470-5AC512C77377"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:wincc:6.0:sp3:*:*:*:*:*:*","matchCriteriaId":"996DE8BD-DD51-41EF-9882-C2BD2CC5FE53"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:wincc:6.0:sp4:*:*:*:*:*:*","matchCriteriaId":"945C8B46-4CDA-4143-889C-30E30E93DB29"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:wincc:7.0:*:*:*:*:*:*:*","matchCriteriaId":"A33F9015-7058-419A-8762-CB2AE4ACF1A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:wincc:7.0:sp1:*:*:*:*:*:*","matchCriteriaId":"E6271FCC-CCF6-4D31-801A-B4B0DC4639DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:wincc:7.0:sp2:*:*:*:*:*:*","matchCriteriaId":"DF7A6B2B-D573-4285-B3B4-136F2BE7E710"}]}]}],"references":[{"url":"http://en.securitylab.ru/lab/PT-2012-44","source":"ics-cert@hq.dhs.gov"},{"url":"http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf","source":"ics-cert@hq.dhs.gov","tags":["Patch","Vendor Advisory"]},{"url":"http://www.us-cert.gov/control_systems/pdf/ICSA-12-256-01.pdf","source":"ics-cert@hq.dhs.gov","tags":["US Government Resource"]},{"url":"http://en.securitylab.ru/lab/PT-2012-44","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-864051.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.us-cert.gov/control_systems/pdf/ICSA-12-256-01.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]}]}}]}