|
|
|||
| Rule General Information |
|---|
| Release Date: | 2018-07-30 | |
| Rule Name: | mySCADA myPRO 7 - Hardcoded FTP Username and Password Vulnerability (CVE-2018-11311) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials. | |
| Impact: | In the latest version of myPRO (v7), it has been discovered that the ftp server's -running on port 2121- username and password information is kept in the file by using reverse engineering. Anyone who connects to an FTP server with an authorized account can upload or download files onto the server running myPRO software. | |
| Affected OS: | Network Device, Solaris, FreeBSD, Windows, Mac OS, iOS, Other Unix, Linux, Others, Android | |
| Reference: | https://emreovunc.com/blog/en/mySCADA-myPRO7-Exploit.pdf https://github.com/EmreOvunc/mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password ExploitDB:44656 |
|
| Solutions |
|---|
| As a workaround you need to restrict port 2121 access from the outside. There is no permanent solution for the vendor because there is no patch available. |