OTPulse
FeedAboutContact

Siemens Synco OZW Default Password

Low RiskICS-CERT ICSA-12-214-01May 5, 2012
Summary

Siemens Synco OZW building automation controllers contain hardcoded default passwords that allow authenticated access to device management functions. Affected models are OZW775, OZW672.01, OZW672.04, OZW672.16, OZW772.01, OZW772.04, OZW772.16, and OZW772.250. No firmware patch is available from Siemens.

What this means
What could happen
An attacker with network access to the device could use a hardcoded default password to log in and modify building automation settings, potentially affecting HVAC control, temperature regulation, or other facility operations.
Who's at risk
Building automation and HVAC facility managers using Siemens Synco OZW devices. This affects organizations running centralized facility control systems for temperature, humidity, and energy management in commercial buildings, data centers, and industrial facilities.
How it could be exploited
An attacker with network access to the OZW device could attempt to log in using default credentials. Once authenticated, they could modify control parameters or disable safety interlocks. No special tools or exploits are required.
Prerequisites
  • Network access to the OZW device (typically port 502 or web interface port)
  • Knowledge of the default password
  • Access to the device's management interface or Modbus protocol
default credentialsno patch availableremotely exploitablelow complexity
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (1)
ProductAffected VersionsFix Status
Synco models: OZW775|OZW672.01|OZW672.04|OZW672.16|OZW772.01|OZW772.04|OZW772.16|OZW772.250OZW775|OZW672.01|OZW672.04|OZW672.16|OZW772.01|OZW772.04|OZW772.16|OZW772.250No fix yet
Remediation & Mitigation
0/4
Do now
0/2
WORKAROUNDChange the default password immediately on all OZW devices to a strong, unique credential
HARDENINGRestrict network access to OZW devices using firewall rules; only allow connections from authorized engineering workstations or building management systems
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HARDENINGMonitor access logs on OZW devices for unauthorized login attempts
Long-term hardening
0/1
HARDENINGImplement network segmentation to isolate building automation devices from general IT networks and direct internet access
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/ccb9823e-e3ed-44ee-be50-83c49b4d6b38