Vulnerability discovered on a Scada equipment (CVE-2015-5386)

During a security audit, Objectif Sécurité discovered a flaw on a Siemens Scada equipment that let an attacker bypass the authentication and authorization system to perform administrative operations without being authenticated. A security advisory was published by Siemens, who thanked Objectif Sécurité for reporting this flaw.