| Dev. ID | Device name | Port | Vulnerability | Affected component |
|---|---|---|---|---|
| Dev1 | Manager PC | — | LNK remote code execution | Icon of the shortcut on the Windows platform |
| | | — | Credentials leak | Connected device login |
| Dev2 | Application server | 22 | OS command injection | OpenSSH (SCP) |
| Dev3 | ERP server | 3389 | BITS improper privilege management | Windows Background Intelligent Transfer Service |
| Dev4 | Data server | 3306 | Permissions and access controls | MySQL |
| Dev5 | Web server | 80 | Memory buffer overflow | Internet Information Services |
| Dev6 | Mail server | 80 | Improper access control | Roundcube |
| Dev7 | DNS server | 53 | DNS server remote code execution | Windows DNS Server |
| Dev8 | Proxy server | 8090, 4900 | Path traversal | Lanproxy server |
| Dev9 | Proxy client | 12000 | Plaintext credential | Lanproxy client |
| Dev10 | MES client | 445 | SMBv3 remote code execution | Microsoft Server Message Block protocol |
| | | — | Credentials leak | Connected device login |
| Dev11 | MES server | 22 | Kernel improper privilege management | Linux kernel |
| Dev12 | Historian | 80 | SQL server remote code execution | Microsoft SQL Server Reporting Services |
| Dev13 | EWS1 | 445, 139 | Code injection | MSRPC over SMB |
| Dev14 | EWS2 | 3389 | Brute force | Remote Desktop Services |
| Dev15 | OWS | 445 | SMB remote code execution | Microsoft Server Message Block protocol |
| Dev16 | OPC server | 8080 | Unrestricted upload of file | Apache Tomcat |
| Dev17 | HMI1 (master) | 2308, 1033 | Modify configuration project | HMI configuration project in WinCC |
| Dev18 | HMI2 (slave) | 2308, 1034 | Modify configuration project | HMI configuration project in WinCC |
| | | | Fake MAC address | HMI and PLC communication |
| Dev19 | PLC1 (master) | 102 | Modify parameters/modes | PLC automatic operation/states |
| | | | Modify control logic | PLC program project in TIA Portal |
| | | | Plaintext control command | Legacy S7Comm protocol |
| Dev20 | PLC2 (slave) | 102, 502 | Fake MAC address | HMI and PLC communication |
| | | | Modify parameters/modes | PLC automatic operation/states |
| | | | Modify control logic | PLC program project in TIA Portal |
| | | | Plaintext control command | Modbus protocol |
| | | | Uncontrolled resource consumption | Commonly used protocol port |
| | | | Improper control | CPU defect mode |