This script is Copyright (C) 2015-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SCADA_SIEMENS_TIA_WINCC_MULTIPLE_VULNERABILITIES_SSA-543623.NBINSiemens SIMATIC WinCC (TIA Portal) 13 < 13 SP1 Multiple Vulnerabilities (SSA-543623)
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
74.8%
The remote host is running a version of Siemens SIMATIC WinCC (TIA Portal) 13.x prior to version 13 service pack 1 (1300.100.2201.15). It is, therefore, affected by multiple vulnerabilities :
-
A flaw exists in the project administration application due to the use of a hardcoded encryption key. A remote attacker can extract this key and use it to perform a man-in-the-middle attack in order to gain access to the system. (CVE-2014-4686)
-
A flaw exists in the remote management module in Multi Panels, Comfort Panels, and RT Advanced due to the transmission of weakly protected credentials over the network. A remote, man-in-the-middle attacker can capture the network traffic of the remote management module to gain access to credential information.
(CVE-2015-1358)
Binary data scada_siemens_tia_wincc_multiple_vulnerabilities_SSA-543623.nbin| Vendor | Product | Version | CPE |
|---|---|---|---|
| siemens | simatic_tiaportal | cpe:/a:siemens:simatic_tiaportal | |
| siemens | wincc | cpe:/a:siemens:wincc |
Related
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
74.8%