Siemens Security Advisory 526760
Issue Details and Mitigations
Security Advisory Details
SIMATIC WinCC flexible panels and runtime systems are used for process visualization and control operations. Detailed information about the vulnerability is provided below.
Siemens provides Update 7 for SIMATIC WinCC flexible 2008 SP3 which fixes the vulnerability and recommends customers to update to the new version.
As a general security measure Siemens strongly recommends to protect network access to devices running SIMATIC WinCC flexible with appropriate mechanisms. It is advised to configure the environment according to our operational guidelines  in order to run the devices in a protected IT environment.
The vulnerability classification has been performed by using the CVSS scoring system in version 3 (CVSSv3) (http://www.first.org/cvss/). The CVSS environmental score is specific to the customer's environment and will impact the overall CVSS score. The environmental score should therefore be individually defined by the customer to accomplish final scoring.
Vulnerability Description (CVE-2015-1358)
The remote management module of SIMATIC WinCC flexible panels and SIMATIC WinCC flexible runtime transmits weakly protected credentials over the network. Attackers capturing network traffic of the remote management module could possibly reconstruct the credentials. The vulnerability can only be exploited if an attacker is able to capture network traffic of the remote management module from a privileged network position.
CVSS Base Score 3.7
CVSS Vector CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
Siemens thanks the following for coordinated disclosure:
 An overview of the operational guidelines for Industrial Security (with the cell protection concept):
 Information about Industrial Security by Siemens:
V1.0 (2016-06-08): Publication Date