March 12, 2019

The NCCIC has updated this advisory with additional information on the technical details of the affected products and mitigation measures. Read the advisory at NCCIC/ICS-CERT.

November 13, 2018

The NCCIC has released an advisory on a resource exhaustion vulnerability in Siemens SIMATIC S7. All versions of SIMATIC S7-1200 and all versions prior to 2.6 of SIMATIC S7-1500 are affected. Successful exploitation of this vulnerability could result in a denial-of-service condition that could result in a loss of availability of the affected device. Siemens recommends users of SIMATIC S7-1500 update to Version 2.6. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.