SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-996556854] Siemens SIMATIC WinCC OA Operator IOS App

Date Type Platform Author EDB-ID CVE-ID OSVDB-ID Download App SIS Signature
2018-04-19OtherSiemensAlexander Bolshev of IOActive and Ivan Yushkevich of Embedi reported this vulnerability to SiemensN/ACVE-2018-4847 N/AN/AN/A

Source

						
							
								
#

# Siemens SIMATIC WinCC OA Operator IOS App

#





### VULNERABLE VENDOR

Siemens





### VULNERABLE PRODUCT

Simatic WinCC OA iOS App 





### RESEARCHER

Alexander Bolshev of IOActive and Ivan Yushkevich of Embedi reported this vulnerability to Siemens.





### AFFECTED PRODUCTS

Siemens reports this vulnerability affects the following product:



SIMATIC WinCC OA Operator iOS App: All Versions





### IMPACT

Successful exploitation of this vulnerability could allow an attacker with physical access to read sensitive data located in the app’s directory.





### VULNERABILITY OVERVIEW

3.2.1  FILE AND DIRECTORY INFORMATION EXPOSURE CWE-538

An attacker with physical access to the mobile device could read unencrypted sensitive data from the app’s directory.

CVE-2018-4847 has been assigned to this vulnerability.

A CVSS v3 base score of 4.0 has been calculated; the CVSS vector string is (AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N)



### BACKGROUND

Critical Infrastructure Sectors: Chemical, Energy, Food and Agriculture, and Water and Wastewater Systems

Countries/Areas Deployed: Worldwide

Company Headquarters Location: Germany




### MITIGATION



Siemens has identified the following specific workarounds and mitigations that users can apply to reduce the risk:



Toggle off the button to save password while logging in, and logout after every work session.



Follow the SIMATIC WinCC OA Security Guideline (available at https://portal.etm.at/index.php? option=com_phocadownload&view=category&id=52:security&Itemid=81





) for maintaining a secured SIMATIC WinCC OA environment.



Siemens does not recommend to use the app in high security areas.



As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens’ operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security





), and following the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity





For more information on this vulnerability and associated mitigation practices, please see Siemens security advisory SSA-597741 on their website:



https://www.siemens.com/cert/advisories