Threat Intelligence / CVE / CVE-2020-15791
CVE-2020-15791
A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 CPU family (incl. SIPLUS variants) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions), SINUMERIK 840D sl (All versions). The authentication protocol between a client and a PLC via port 102/tcp (ISO-TSAP) insufficiently protects the transmitted password. This could allow an attacker that is able to intercept the network traffic to obtain valid PLC credentials.
CVSS v3 vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Weaknesses (CWE)
CWE-522
Threats tracking this CVE
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-381684.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-381684.pdf
Full detection coverage & IOCs for threats exploiting CVE-2020-15791 are available via the Threadlinqs MCP server (Purple tier). View plans →