The NCCIC has released an advisory on an unprotected storage of credentials vulnerability in Siemens SIMATIC STEP 7 (TIA Portal). All versions of this product prior to 15.1 are affected. Successful exploitation of this vulnerability could allow an attacker to reconstruct passwords. Siemens recommends users update to Version 15.1. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.