Dodgy creds found in Siemens ICS gear

Don't run our stuff on soft networks, Siemens chimes

The US computer emergency response team is warning of weak credentials in Siemens SIMATIC WinCC flexible that can be remotely exploitable.

The flaw, found by Positive Technologies' Gleb Gritsai and Roman Ilin, has been patched.

Fortunately, it seems to require that attackers already have some privileged network position from which traffic could be inspected.

The PC software is popular among utilities including those in chemical, energy, and water sectors around the world.

"The remote management module of SIMATIC WinCC flexible panels and SIMATIC WinCC flexible runtime transmits weakly protected credentials over the network," the industrial control system CERT says.

"Attackers capturing network traffic of the remote management module could possibly reconstruct the credentials.

"Impact to individual organisations depends on many factors that are unique to each organisation.

The SIMATIC WinCC flexible software is used for visualisation and machine operations running on PCs or Siemens gear.

The flaw (CVE-2015-1358b) is considered of medium severity given its ability to be remotely compromised.

"An attacker with high skill would be able to exploit this vulnerability," the CERT says

A patch can be downloaded by affected users.

Siemens says strong security controls should protect its industrial control system gear in line with operational guidelines ?


Biting the hand that feeds IT ? 1998–2017

  • 305452893 2018-01-22
  • 61770892 2018-01-22
  • 59080891 2018-01-22
  • 87471890 2018-01-22
  • 79096889 2018-01-22
  • 734763888 2018-01-22
  • 455411887 2018-01-22
  • 685280886 2018-01-22
  • 615657885 2018-01-22
  • 700163884 2018-01-21
  • 866691883 2018-01-21
  • 994750882 2018-01-21
  • 92145881 2018-01-21
  • 263961880 2018-01-21
  • 5823879 2018-01-21
  • 202428878 2018-01-21
  • 235407877 2018-01-21
  • 949120876 2018-01-21
  • 530375875 2018-01-21
  • 14090874 2018-01-21