S7 programmable logic controllers, the same PLC family exploited by the Stuxnet malware, are in the crosshairs of a password-cracking tool that is capable of stealing credentials from industrial control systems. The S7 protocol in question provides communication between engineering stations, SCADA systems, HMI interfaces and PLCs that is password protected. The tool, written in Python, requires an attacker to be on an adjacent network in order to capture TCP/IP traffic. The possibility exists that this code may be modified to be used against other vendor products.
Source: https://threatpost.com/password-cracker-targets-siemens-s7-plcs-012313/77442/