First published: Fri Feb 03 2012(Updated: )
The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime has an improperly selected default password for the administrator account, which makes it easier for remote attackers to obtain access via a brute-force approach involving many HTTP requests.
Credit: cret@cert.org
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens WinCC flexible | =2004 | |
Siemens WinCC flexible | =2008 | |
Siemens WinCC flexible | =2007 | |
Siemens WinCC flexible | =2005 | |
Siemens WinCC | =v11 | |
Siemens Simatic Hmi Panels | =tp | |
Siemens Simatic Hmi Panels | =op | |
Siemens Simatic Hmi Panels | =mobile_panels | |
Siemens Simatic Hmi Panels | =comfort_panels | |
Siemens Simatic Hmi Panels | =mp | |
Siemens Wincc Runtime Advanced | =v11 | |
Siemens Wincc Flexible Runtime |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.