Medium severity5.4NVD Advisory· Published Aug 8, 2017· Updated May 13, 2026

CVE-2017-6871

Description

A vulnerability was discovered in Siemens SIMATIC WinCC Sm@rtClient for Android (All versions before V1.0.2.2) and SIMATIC WinCC Sm@rtClient for Android Lite (All versions before V1.0.2.2). An attacker with physical access to an unlocked mobile device, that has the affected app running, could bypass the app's authentication mechanism under certain conditions.

Affected products

Siemens Foundation/Simatic Wincc Sm\@rtclient
cpe:2.3:a:siemens:simatic_wincc_sm\@rtclient:*:*:*:*:*:android:*:*
Range: <=1.0.2.1
Siemens Foundation/Simatic Wincc Sm\@rtclient Lite
cpe:2.3:a:siemens:simatic_wincc_sm\@rtclient_lite:*:*:*:*:*:android:*:*
Range: <=1.0.2.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/99582nvdThird Party AdvisoryVDB Entry
www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-589378.pdfnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.351
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000