You are here

Siemens SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK (Update C) (ICSA-20-161-04) – Products Used in the Water and Wastewater and Energy Sectors

Siemens SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK (Update C) (ICSA-20-161-04) – Products Used in the Water and Wastewater and Energy Sectors

Created: Wednesday, September 9, 2020 - 09:53
Categories:
Cybersecurity

September 8, 2020

CISA has updated this advisory with additional information on affected products and mitigation measures. Read the advisory at CISA.

August 11, 2020

CISA has updated this advisory with additional information on affected products and mitigation measures. Read the advisory at CISA.

July 14, 2020

CISA has updated this advisory with additional information on affected products and mitigation measures. Read the advisory at CISA.

June 10, 2020

CISA has published an advisory on an unquoted search path or element vulnerability in Siemens SIMATIC, SINAMICS, SINEC, SINEMA, and SINUMERIK. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow authorized local users with administrative privileges to execute custom code with SYSTEM level privileges. Siemens has made product updates available; it has also identified specific workarounds and mitigations to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.