Siemens SIMATIC Logon Authentication Bypass

Severity: High. Nessus Plugin ID: 97666

Synopsis

A logon service for SCADA applications running on the remote host is affected by an authentication bypass vulnerability.

Description

The Siemens SIMATIC Logon service running on the remote host is affected by an authentication bypass vulnerability that allows an unauthenticated, remote attacker to access SIMATIC applications.

Solution

Upgrade to SIMATIC Logon V1.5 SP3 Update 2 or later.

See Also

https://ics-cert.us-cert.gov/advisories/ICSA-17-045-03

http://www.nessus.org/u?a0a6495c

Plugin Details

Severity: High

ID: 97666

File Name: scada_siemens_simatic_logon_auth_bypass.nbin

Version: $Revision: 1.40 $

Type: remote

Family: SCADA

Published: 2017/03/10

Modified: 2018/06/06

Dependencies: 97667

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSSv3

Base Score: 9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Vulnerability Information

CPE: x-cpe:/a:siemens:simatic_logon

Required KB Items: Siemens SIMATIC Logon Service

Exploited by Nessus: true

Patch Publication Date: 2017/02/13

Vulnerability Publication Date: 2017/02/13

Reference Information

CVE: CVE-2017-2684

BID: 96208

ICSA: 17-045-03