Thanks to Yury Goltsev, Ilya Karpov, Alexey Osipov, Dmitry Serebryannikov and Alex Timorin.
There are a lot of, but combination of Authentication bypass (INSUFFICIENT ENTROPY/CVE-2014-2251) and Hardcoded SNMP community string (once again)/NO-CVE/Unfixed is the best.
Links
http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf
http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01
Some good stuff for 1200/TIA portal in queue.
Enjoy...
No comments:
Post a Comment