The NCCIC has published an advisory on an improper authorization vulnerability in Siemens Network Planner (SINETPLAN). Version 2.0 is affected. Successful exploitation of this vulnerability could allow information disclosure, code execution, and denial-of-service. Siemens recommends users update TIA Administrator to Version 1.0 SP1 Upd1. The NCCIC also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!
