SCADA StrangeLove: All your PLC are belong to us (2)

Saturday, March 15, 2014

All your PLC are belong to us (2)

Fixes for Siemens S7 1500 PLC are published.
Thanks to Yury Goltsev, Ilya Karpov, Alexey Osipov, Dmitry Serebryannikov and Alex Timorin.
There are a lot of, but combination of Authentication bypass (INSUFFICIENT ENTROPY/CVE-2014-2251) and Hardcoded SNMP community string (once again)/NO-CVE/Unfixed is the best.

Links

http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf

http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01

Some good stuff for 1200/TIA portal in queue.

Enjoy...

1 comment:

Diac NoidaNovember 23, 2017 at 12:06 AM
#DIAC providing PLC SCADA Training with 100% Job assurance and FREE DEMO classes on #PLC # SCADA #HMI #Automation #AutoCAD #Instrumentation #Panel Design by Industry Experts. Don't Just Think....!! Call Now 9310096830/931OO96831 ...!!
ReplyDelete

Subscribe to: Post Comments (Atom)