Detections
Analytics

Siemens WinCC and SIMATIC HMI Panels Default Password

high Nessus Network Monitor Plugin ID 720003

Synopsis

The HMI web server in Siemens WinCC and SIMATIC HMI panels have an improperly selected default password for the administrator account

Description

The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime has an improperly selected default password for the administrator account, which makes it easier for remote attackers to obtain access via a brute-force approach involving many HTTP requests.

Solution

Perform vendor recommended mitigations and apply available vendor upgrades.

See Also

https://ics-cert.us-cert.gov/advisories/ICSA-12-030-01A,http://www.us-cert.gov/control_systems/pdf/ICSA-12-030-01.pdf,http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf

Plugin Details

Severity: High

ID: 720003

Family: SCADA

Published: 5/8/2019

Updated: 9/30/2019

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Patch Publication Date: 4/18/2012

Vulnerability Publication Date: 4/18/2012

Reference Information

CVE: CVE-2011-4509