Intrusion Prevention

Siemens.S7300.Hardcoded.Credentials.Security.Bypass

Description

This indicates an attack attempt against a Security Bypass Vulnerability on Siemens S7-300
The vulnerability is due to Hard-coded credentials found on the vulnerable application. A remote attacker may be able to exploit this to execute arbitrary code within the system via a crafted request.

Affected Products

CPU315(including F)-2PN/DP V2.6 and previous
CPU317(including F)-2PN/DP V2.6 and previous
CPU319(including F)-3PN/DP V2.7 and previous
IM151-8(including F) PN/DP CPU V2.7
M154-8 PN/DP CPU V2.5

Impact

System Compromise: Remote attackers can gain control of vulnerable system

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
support.automation.siemens.com/WW/view/en/51810333