The NCCIC has released an advisory on relative path traversal and improper input validation vulnerabilities in Siemens Siemens Automation License Manager. For Automation License Manager 5, all versions prior to 5.3.4.4 are affected. For Automation License Manager 6, all versions prior to 6.0.1 are affected. Successful exploitation of these vulnerabilities could allow remote code execution or allow an attacker to determine port status on another remote system. Siemens has released updates to address these vulnerabilities. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.