Siemens said in a statement last week that it was notified of vulnerabilities in its SCADA products by security researchers Billy Rios and Terry McCorkle. The affected products include WinCC flexible RT versions from 2004 to 2008 SP2, WinCC Runtime Advanced V11, and multiple SIMATIC panels (TP, OP, MP, Comfort).
The company said that next month it would issue security updates for the vulnerabilities, which were first reported in May 2011.
In a security advisory, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), part of the US Department of Homeland Security, said that it had been made aware of the vulnerabilities that Rios and McCorkle identified in Siemens’s SCADA products that are used as an interface between operations and programmable logic controllers (PLCs).
“Systems running affected versions of this product are accessible using a default username and password. These systems also generate an insecure authentication token for browser sessions”, ICS-CERT explained. The advisory added that “no known exploits specifically target these vulnerabilities.”
ICS-CERT recommended that asset owners take the following defensive measures to protect against cyberattack: minimize network exposure for all control system devices; locate control system networks and remote devices behind firewalls and isolate them from the business network; and use secure remote access methods, such as virtual private networks.