Siemens Mitigates WinCC Vulnerability
Friday, June 10, 2016 @ 09:06 AM gHale
Siemens updated its SIMATIC WinCC flexible to mitigate a weakly protected credentials vulnerability, according to a report with ICS-CERT.
This vulnerability, discovered by Gleb Gritsai and Roman Ilin from Positive Technologies, is remotely exploitable.
SIMATIC WinCC flexible: All versions prior to SP3 Up7 suffer from the issue.
Attackers capturing network traffic of the remote management module could possibly reconstruct user credentials.
Siemens is a multinational company headquartered in Munich, Germany.
The affected product. SIMATIC WinCC flexible, is a software package used for visualization and machine or small system operations. This product runs on standard PCs or on Siemens panel PCs.
This product sees action across several sectors including chemical, energy, food and agriculture, and water and wastewater systems. Siemens said these products see use on a global basis.
The remote management module of SIMATIC WinCC flexible panels and SIMATIC WinCC flexible runtime transmits weakly protected credentials over the network. Attackers capturing network traffic of the remote management module could possibly reconstruct the credentials.
CVE-2015-1358 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 3.7.
No known public exploits specifically target this vulnerability. In addition, an attacker with high skill would be able to exploit this vulnerability.
Siemens provides Update 7 for SIMATIC WinCC flexible 2008 SP3, which fixes the vulnerability, and recommends users to update to the new version. Click here to download Update 7.
As a general security measure Siemens recommends protecting network access to devices running SIMATIC WinCC flexible with appropriate mechanisms. Siemens advises configuring the environment according to Siemens operational guidelines in order to run the devices in a protected IT environment.