mySCADA myPRO 7 contains hardcoded credentials

Emre Ovunc published a report on myPRO v7 which shows how hardcoded credentials have been stored in the myPRO product.

In the latest version of myPRO (v7), it has been discovered that the ftp server’s -running on port 2121-  username and password information is kept in the file by using reverse engineering. Anyone who connects to an FTP server with an authorized account can upload or download files onto the server running myPRO software.

 

According to the website of myscada.org:

myPRO is a professional HMI/SCADA system designed primarily for the visualisation and control of industrial processes. myPRO is effective and innovative solution for any industry that needs to be under non-stop operation. myPRO guarantees reliable supervision, a user-friendly interface and superior security.

How to defend yourself against this attack:

You need to restrict port 2121 access from the outside. There is no permanent solution for the vendor because there is no patch available.

The hardcoded credentials:

myscada:Vikuk63

You can read his full research here:

https://emreovunc.com/blog/en/mySCADA-myPRO7-Exploit.pdf