Siemens.S7-300.Hardcoded.Credentials.Security.Bypass

description-logoDescription

This indicates an attack attempt against a Security Bypass Vulnerability on Siemens S7-300
The vulnerability is due to Hard-coded credentials found on the vulnerable application. A remote attacker may be able to exploit this to execute arbitrary code within the system via a crafted request.

affected-products-logoAffected Products

CPU315(including F)-2PN/DP V2.6 and previous
CPU317(including F)-2PN/DP V2.6 and previous
CPU319(including F)-3PN/DP V2.7 and previous
IM151-8(including F) PN/DP CPU V2.7
M154-8 PN/DP CPU V2.5

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable system

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
support.automation.siemens.com/WW/view/en/51810333

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)