Siemens SIMATIC WinCC (TIA Portal) 13 < 13 SP1 Multiple Vulnerabilities (SSA-543623)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

An application running on the remote host is affected by multiple
vulnerabilities.

Description :

The remote host is running a version of Siemens SIMATIC WinCC (TIA
Portal) 13.x prior to version 13 service pack 1 (1300.100.2201.15). It
is, therefore, affected by multiple vulnerabilities :

- A flaw exists in the project administration application
due to the use of a hardcoded encryption key. A remote
attacker can extract this key and use it to perform a
man-in-the-middle attack in order to gain access to the
system. (CVE-2014-4686)

- A flaw exists in the remote management module in Multi
Panels, Comfort Panels, and RT Advanced due to the
transmission of weakly protected credentials over the
network. A remote, man-in-the-middle attacker can
capture the network traffic of the remote management
module to gain access to credential information.
(CVE-2015-1358)

See also :

http://www.nessus.org/u?453f2b12
https://ics-cert.us-cert.gov/advisories/ICSA-15-048-02

Solution :

Upgrade to Siemens SIMATIC WinCC (TIA Portal) version 13 SP1
(1300.100.2201.15) or later.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: SCADA

Nessus Plugin ID: 81578 ()

Bugtraq ID: 68875
72625

CVE ID: CVE-2014-4686
CVE-2015-1358

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now