Release date: 2011-12-22
Updated on: 2011-12-23
Affected Systems:
Siemens SIMATIC WinCC Flexible 2008 SP2
Siemens SIMATIC WinCC Flexible 2008
Siemens SIMATIC WinCC Flexible 2007
Siemens SIMATIC WinCC Flexible 2005
Siemens SIMATIC WinCC Flexible 2004
Siemens SIMATIC WinCC flexible Runtime
Siemens SIMATIC WinCC V11 SP2
Siemens SIMATIC WinCC V11 SP1
Description:
--------------------------------------------------------------------------------
Bugtraq id: 51177
Cve id: CVE-2011-4508, CVE-2011-4509
The Siemens simatic hmi product family is a man-machine interface between the PLC and operator.
Multiple SIMATIC products have the Authentication Bypass Vulnerability in implementation. When non-encrypted HTTP Communication is used, users can predict the authentication token/Cookie value set after logon, attackers can exploit these vulnerabilities to bypass target security restrictions and obtain the access permissions of affected applications.
<* Source: Billy Rios
Terry McCorkle
Link: http://www.us-cert.gov/control_systems/pdf/ICSA-11-356-01.pdf
Http://xs-sniper.com/blog/2011/12/20/the-siemens-simatic-remote-authentication-bypass-that-doesnt-exist/
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Siemens
-------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/Pages/Default.aspx
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
