PT-2016-7673 · Siemens · Simatic S7-300+5
Zhu Wenzhe · Published 2016-12-17 · Updated 2026-06-02 · CVE-2016-9159
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions
SIMATIC S7-300 CPU family: all versions
SIMATIC S7-400 PN/DP V6 and below CPU family: all versions
SIMATIC S7-400 PN/DP V7 CPU family: all versions
SIMATIC S7-400 V6 and earlier CPU family: all versions
SIMATIC S7-400 V7 CPU family: all versions
SIMATIC S7-410 V8 CPU family: all versions
Description
A vulnerability has been identified that allows an attacker with network access to port 102/tcp (ISO-TSAP) or via Profibus to obtain credentials from the PLC if protection-level 2 is configured on the affected devices.
Recommendations
For SIMATIC S7-300 CPU family, consider disabling protection-level 2 until a patch is available.
For SIMATIC S7-400 PN/DP V6 and below CPU family, restrict access to port 102/tcp (ISO-TSAP) to minimize the risk of exploitation.
For SIMATIC S7-400 PN/DP V7 CPU family, avoid using Profibus until the issue is resolved.
For SIMATIC S7-400 V6 and earlier CPU family, consider configuring an alternative protection level.
For SIMATIC S7-400 V7 CPU family, restrict access to the PLC to minimize the risk of exploitation.
For SIMATIC S7-410 V8 CPU family, consider disabling protection-level 2 until a patch is available.
Fix
Information Disclosure
Weakness Enumeration
Related Identifiers
Affected Products
Simatic S7-300
Simatic S7-400 PN/DP V6
Simatic S7-400 PN/DP V7
Simatic S7-400 V6
Simatic S7-400 V7
Simatic S7-410 V8