TID-314: Passwords Can Be Guessed Using Brute-Force Attempts
Threat Description
A threat actor could gain unauthorized access by continually guessing passwords. This could be because the device allows passwords with insufficient entropy, short password lengths, or does not have a mechanism to increase the time it takes to randomly guess passwords, such as password lockouts or cooldowns between guesses.
Threat Maturity and Evidence
Observed Adversarial Technique
- APT Cyber Tools Targeting ICS/SCADA Devices
“Brute-force Schneider Electric PLC passwords using CODESYS and other available device protocols via UDP port 1740 against defaults or a dictionary word list (Note: this capability may work against other CODESYS-based devices depending on individual design and function, and this report will be updated as more information becomes available);”
CWE
CWE-334: Small Space of Random Values
“The number of possible random values is smaller than needed by the product, making it more susceptible to brute force attacks.”CWE-307: Improper Restriction of Excessive Authentication Attempts
“The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks.”
CVE
- None referenced