SSA-984700 (Last Update: 2019-10-08): Password Storage Vulnerability in SIMATIC IT UADM


2019-10-08 00:00:00 UTC


A vulnerability has been identified in the SIMATIC IT Unified Architecture Discrete Manufacturing product that caused a password to be encrypted with a predicable encryption key. An authenticated attacker could potentially recover the password and gain access to the TeamCenter station connected to the instance.

Siemens provides updates to address the vulnerability, and recommends specific mitigations.