Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Schneider Hardcoded Password

🗓️ 06 Apr 2017 00:00:00Reported by Ralf SpennebergType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 33 Views

Schneider Modicon TM221CE16R hardcoded password, critical vulnerability, no protection

Code
`OpenSource Security Ralf Spenneberg  
Am Bahnhof 3-5  
48565 Steinfurt  
[email protected]  
  
OS-S Security Advisory 2017-02  
  
Date: April 4th, 2017  
Authors: Simon Heming, Maik BrA1/4ggemann, Hendrik Schwartke, Ralf Spenneberg  
CVE: not yet assigned  
CVSS: 10  
Affected Device: Schneider SoMachine Basic 1.4 SP1, Schneider Modicon  
TM221CE16R, Firmware 1.3.3.3  
  
Title: The password for the project protection of the Schneider Modicon  
TM221CE16R is hard-coded and cannot be changed.  
Severity: Critical. The protection of the application is not existant.  
Ease of Exploitation: Trivial  
Vulnerability type: Information Disclosure  
Vendor contacted: December 23rd, 2016  
  
Abstract  
The Project Protection is used to prevent unauthorized users from  
opening the protected project file by prompting the user for a password.  
The XML file is AES-CBC encrypted, however the key used for encryption  
is hard coded and cannot be changed. The key used for encryption is:  
aSoMachineBasicSoMachineBasicSoMaa. After decrypting the XML file with  
the standard password the user password can be found in the decrypted  
data. After reading the user password the project can be opened and  
modified with SoMachine Basic.  
  
Vendor Contacted  
We contacted the vendor. Apart from the first acknowledgement of the  
receipt of the report we did not receive any further information.  
  
PDF: https://www.os-s.net/advisories/OSS-2017-02.pdf  
--   
OpenSource Training Ralf Spenneberg http://www.os-t.de  
Am Bahnhof 3-5 48565 Steinfurt Germany  
Fon: +49(0)2552 638 755 Fax: +49(0)2552 638 757  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
06 Apr 2017 00:00Current
schneidermodicontm221ce16rhardcoded passwordcriticalvulnerabilityno protectioninformation disclosureaes-cbcencryptionvendor contacted
33