You are here

Siemens SIMATIC S7-1500 CPU (ICSA-19-036-04) – Products Used in the Water and Wastewater and Energy Sectors

Siemens SIMATIC S7-1500 CPU (ICSA-19-036-04) – Products Used in the Water and Wastewater and Energy Sectors

Created: Wednesday, February 6, 2019 - 10:17
Categories:
Cybersecurity

The NCCIC has published an advisory on an improper input validation vulnerability in Siemens SIMATIC S7-1500 CPU. For SIMATIC S7-1500, versions 1.8.5 and prior are affected. For SIMATIC S7-1500, versions prior to 2.5, down to an including 2.0, are affected. Successful exploitation of these vulnerabilities could allow a denial of service condition of the device. Siemens recommends users upgrade to Version 2.5 or newer. Users who cannot upgrade because of hardware restrictions are recommended to apply the manual mitigations. The NCCIC also advises on a series of mitigating measures for this vulnerability. Read the advisory at NCCIC/ICS-CERT.