Unitronics designs, manufactures, and markets advanced control and automation solutions including a complete
line of PLCs with integrated HMI, full line of VFDs, a broad array of I/Os and complementary devices, as well as programming software for all aspects of control, motion, HMI, and communications. Unitronics PLCs range from micro-PLC + HMI units for simple machine control, to complex controllers with advanced functions, a variety of onboard IOs and multiple communication options.
The Vision series of programmable controllers (PLC + HMI) ranges from palm-sized controllers with onboard I/O to large-screen controllers with snap-in I/O.
Unitronics Vision Series PLCs and HMIs use default administrative passwords of “[[code:1111]]”.
It is common practice for products to be designed to use default passwords for authentication. The rationale is to simplify the manufacturing process or the system administrator’s task of installation and deployment into an enterprise. However, if admins do not change the defaults, then it makes it easier for attackers to quickly bypass authentication across multiple organizations. There are many lists of default passwords and default-password scanning tools that are easily available from the World Wide Web.
Exploit permits an unauthenticated attacker with network access to a PLC or HMI to take administrative control of the system.
NOTE: On November 28 2023, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported a series of cyber attacks targeting Water and Wastewater Systems (WWS) facilities by an Iranian-backed cyber group known as CyberAv3ngers. One such attack is reported as involving the active exploitation of Unitronics programmable logic controllers (PLCs) that operated in a vital water authority in western Pennsylvania, posing a threat to public safety. The authority reported the actors were able to gain control of a remote booster station serving two townships, but stressed there is no known risk to the drinking water or water supply.
Prioritisation should be given to remediation in any impacted environment
* Unitronics Vision Series (all versions)
To secure facilities against this threat, CISA urges organizations to:
Category: Credential Management
AppCheck has added a plugin to detect the flaw that will run as part of your standard scans.
AppCheck is a software security vendor based in the UK, offering a leading security scanning platform that automates the discovery of security flaws within organisations websites, applications, network, and cloud infrastructure. AppCheck are authorized by the Common Vulnerabilities and Exposures (CVE) Program as a CVE Numbering Authority (CNA).
No software to download or install.
Contact us or call us 0113 887 8380