Please use another Browser

It looks like you are using a browser that is not fully supported. Please note that there might be constraints on site display and usability. For the best experience we suggest that you download the newest version of a supported browser:

Internet Explorer, Chrome Browser, Firefox Browser, Safari Browser

Continue with the current browser

Issue Details and Mitigations

Security Advisory Details

AFFECTED PRODUCTS AND MITIGATIONS

SIMATIC WinCC flexible panels and runtime systems are used for process visualization and control operations. Detailed information about the vulnerability is provided below.

Siemens provides Update 7 for SIMATIC WinCC flexible 2008 SP3 which fixes the vulnerability and recommends customers to update to the new version.

 

As a general security measure Siemens strongly recommends to protect network access to devices running SIMATIC WinCC flexible with appropriate mechanisms. It is advised to configure the environment according to our operational guidelines [1] in order to run the devices in a protected IT environment.

SECURITY VULNERABILITY CLASSIFICATION

The vulnerability classification has been performed by using the CVSS scoring system in version 3 (CVSSv3) (http://www.first.org/cvss/). The CVSS environmental score is specific to the customer's environment and will impact the overall CVSS score. The environmental score should therefore be individually defined by the customer to accomplish final scoring.


Vulnerability Description (CVE-2015-1358)
The remote management module of SIMATIC WinCC flexible panels and SIMATIC WinCC flexible runtime transmits weakly protected credentials over the network. Attackers capturing network traffic of the remote management module could possibly reconstruct the credentials. The vulnerability can only be exploited if an attacker is able to capture network traffic of the remote management module from a privileged network position.


CVSS Base Score     3.7
CVSS Vector             CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Siemens thanks the following for coordinated disclosure:

 

Gleb Gritsai

Positive Technologies 

 

Roman Ilin

Positive Technologies

[1] An overview of the operational guidelines for Industrial Security (with the cell protection concept):
https://www.siemens.com/cert/operational-guidelines-industrial-security


[2] Information about Industrial Security by Siemens:
https://www.siemens.com/industrialsecurity

V1.0 (2016-06-08): Publication Date

Contact & Support