A web-based interface of a control panel for klimaatapparatuur at TNO, is used, was made vulnerable by a flaw in industri lwa le software from Siemens. Through the leak were the web server, and any memory cards to access.
Security researcher Billy Rios discovered seven months ago, a vulnerability in Siemens Simatic systems. Management via the web, via VNC, and via Telnet would be open to everyone, have stood by the use of a simple default password for the web interface, in combination with user name ‘Administrator’. After entering an invalid password, the default password will be restored. Siemens would not have responded to reports of Rios, and then he publication all over the world.
Rios to let you know that many vulnerable systems are found through the Shodan search engine, which as a portscanner is to convert. Computerworld found that a Dutch ip address with an open Simatic-system could be found, that to reduce it was to TNO.
The relevant web interface belonging to the Simatic MP 277 10: a 10″touchscreen that TNO serves as a control panel for an air-conditioned chamber in which the institute measurements with different temperatures and humidity. It would not be a criticism system. However, in my web interface access to a file browser where the folder of the web server approach. Also memory cards and usb-keys with logs, parameters, and configuration files were to approach. Finally, the ‘user administration data to upload, so a malicious one .pwl file with your own inlogaccounts could add.