Siemens SIMATIC Logon Authentication Bypass

Nessus Plugin ID 97666 (Severity: High)

Synopsis

A logon service for SCADA applications running on the remote host is affected by an authentication bypass vulnerability.

Description

The Siemens SIMATIC Logon service running on the remote host is affected by an authentication bypass vulnerability that allows an unauthenticated, remote attacker to access SIMATIC applications.

Solution

Upgrade to SIMATIC Logon V1.5 SP3 Update 2 or later.

See Also

https://ics-cert.us-cert.gov/advisories/ICSA-17-045-03

http://www.nessus.org/u?fe7c95d2

Plugin Details

Severity: High

ID: 97666

File Name: scada_siemens_simatic_logon_auth_bypass.nbin

Version: 1.54

Type: remote

Family: SCADA

Published: 2017/03/10

Modified: 2018/12/06

Dependencies: 97667

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS v3.0

Base Score: 9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Vulnerability Information

CPE: x-cpe:/a:siemens:simatic_logon

Required KB Items: Siemens SIMATIC Logon Service

Exploited by Nessus: true

Patch Publication Date: 2017/02/13

Vulnerability Publication Date: 2017/02/13

Reference Information

CVE: CVE-2017-2684

BID: 96208

ICSA: 17-045-03