|2018-04-19||Other||Siemens||Alexander Bolshev of IOActive and Ivan Yushkevich of Embedi reported this vulnerability to Siemens||N/A||CVE-2018-4847 ||N/A||N/A||N/A|
# Siemens SIMATIC WinCC OA Operator IOS App
### VULNERABLE VENDOR
### VULNERABLE PRODUCT
Simatic WinCC OA iOS App
Alexander Bolshev of IOActive and Ivan Yushkevich of Embedi reported this vulnerability to Siemens.
### AFFECTED PRODUCTS
Siemens reports this vulnerability affects the following product:
SIMATIC WinCC OA Operator iOS App: All Versions
Successful exploitation of this vulnerability could allow an attacker with physical access to read sensitive data located in the app’s directory.
### VULNERABILITY OVERVIEW
3.2.1 FILE AND DIRECTORY INFORMATION EXPOSURE CWE-538
An attacker with physical access to the mobile device could read unencrypted sensitive data from the app’s directory.
CVE-2018-4847 has been assigned to this vulnerability.
A CVSS v3 base score of 4.0 has been calculated; the CVSS vector string is (AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N)
Critical Infrastructure Sectors: Chemical, Energy, Food and Agriculture, and Water and Wastewater Systems
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Germany
Siemens has identified the following specific workarounds and mitigations that users can apply to reduce the risk:
Toggle off the button to save password while logging in, and logout after every work session.
Follow the SIMATIC WinCC OA Security Guideline (available at https://portal.etm.at/index.php? option=com_phocadownload&view=category&id=52:security&Itemid=81
) for maintaining a secured SIMATIC WinCC OA environment.
Siemens does not recommend to use the app in high security areas.
As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens’ operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security
), and following the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
For more information on this vulnerability and associated mitigation practices, please see Siemens security advisory SSA-597741 on their website: