By weakness (CWE)
CWE-313: related vulnerabilities
CVEs classified under CWE-313. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
1 published vulnerability
- CVE-2026-24349HIGH 7.1
A vulnerability in Siemens SIMATIC WinCC Unified PC Runtime allows an attacker with local access to extract sensitive cryptographic material from the Certificate Manager component. The issue stems from inadequate protection of key material stored on disk or in memory, potentially exposing certificates and private keys that protect SCADA/HMI communications. While exploitation requires local system access, the impact is significant because certificate compromise can enable downstream attacks on industrial control systems and their communications.