Siemens SIMATIC STEP 7 (TIA Portal) < 1300.100.2501.1 Multiple Vulnerabilities (SSA-315836)

medium Nessus Plugin ID 81545

Synopsis

An application running on the remote host is affected by multiple vulnerabilities.

Description

The remote host is running a version of Siemens SIMATIC STEP 7 (TIA Portal) prior to version 13 Service Pack 1 Update 1. It is, therefore, affected by multiple vulnerabilities :

- An unspecified man-in-the-middle vulnerability allows remote attackers to intercept or modify Siemens industrial communications. (CVE-2015-1601)

- An unspecified password hashing flaw allows local attackers with read access to TIA project files to reconstruct protection-level and web server passwords.
(CVE-2015-1602)

Solution

Upgrade to Siemens SIMATIC TIA Portal version 13 SP1 Update 1 or later as recommended by the vendor.

See Also

http://www.nessus.org/u?85f3a651

https://ics-cert.us-cert.gov/advisories/ICSA-15-050-01A

Plugin Details

Severity: Medium

ID: 81545

File Name: scada_siemens_tia_multiple_vulnerabilities_SSA-315836.nbin

Version: 1.72

Type: local

Agent: windows

Family: SCADA

Published: 2/26/2015

Updated: 8/2/2022

Supported Sensors: Nessus Agent

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

CVSS Score Source: CVE-2015-1601

Vulnerability Information

CPE: cpe:/a:siemens:simatic_tiaportal

Required KB Items: installed_sw/Siemens SIMATIC STEP 7 (TIA Portal)

Exploit Ease: No known exploits are available

Patch Publication Date: 2/17/2015

Vulnerability Publication Date: 2/17/2015

Reference Information

CVE: CVE-2015-1601, CVE-2015-1602

BID: 72691, 72695

ICSA: 15-050-01