H2OSecCon Spring 2024 - featuring panels and briefings on cybersecurity, physical security, operational resilience, and more - is on May 23. REGISTER NOW!

You are here

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update R) (ICSA-17-129-02) – Product Used in Energy and Water and Wastewater Sectors

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update R) (ICSA-17-129-02) – Product Used in Energy and Water and Wastewater Sectors

Created: Wednesday, August 12, 2020 - 17:33

Categories:

Cybersecurity, Federal & State Resources

August 11, 2020

CISA has updated this advisory with additional information on affected products and mitigation measures. Read the advisory at CISA.

July 14, 2020

CISA has updated this advisory with additional information on affected products. Read the advisory at CISA.

October 8, 2019

CISA has updated this advisory with additional information on affected products and mitigation measures. Read the advisory at CISA.

February 5, 2019

The NCCIC has updated this advisory with additional information on mitigation measures. Read the advisory at NCCIC/ICS-CERT.

December 11, 2018

The NCCIC has updated this advisory with additional information on affected products and mitigation measures. NCCIC/ICS-CERT.

November 13, 2018

The NCCIC has updated this advisory with additional information on affected products and mitigation measures. NCCIC/ICS-CERT.

June 21, 2018

The NCCIC has updated this advisory with additional information on affected products and mitigation measures. NCCIC/ICS-CERT.

May 3, 2018

The NCCIC has updated this advisory with additional details on affected products and mitigation measures. NCCIC/ICS-CERT.

March 6, 2018

ICS-CERT has updated this advisory with additional details on mitigation measures. ICS-CERT.

February 27, 2018

ICS-CERT has updated this advisory with additional details on affected products and mitigation measures. ICS-CERT.

January 25, 2018

ICS-CERT has updated this advisory with additional details on affected products and mitigation measures. ICS-CERT.

January 18, 2018

ICS-CERT has updated this advisory with additional details on affected products and mitigation measures. ICS-CERT.

November 28, 2017

ICS-CERT has updated this advisory with additional details on affected products and mitigation measures. ICS-CERT.

November 14, 2017

ICS-CERT has updated this advisory with additional details on affected products and mitigation measures. ICS-CERT.

October 10, 2017

ICS-CERT has updated this advisory with mitigation details. ICS-CERT.

September 14, 2017

ICS-CERT has updated its advisory titled “Siemens devices using the PROFINET Discovery and Configuration Protocol.” Additional affected products and mitigations have been added. ICS-CERT.

August 17, 2017

ICS-CERT has updated its advisory titled “Siemens devices using the PROFINET Discovery and Configuration Protocol.” Additional affected products and mitigations have been added. ICS-CERT.

July 25, 2017

ICS-CERT has updated its advisory titled “Siemens devices using the PROFINET Discovery and Configuration Protocol.” Additional affected products and mitigations have been added. ICS-CERT.

May 9, 2017

ICS-CERT has posted an advisory on Siemens devices using the PROFINET Discovery and Configuration Protocol. Siemens reports that the vulnerability affects specific products using the PROFINET DCP. Successful exploitation of these vulnerabilities could cause the targeted device to enter a denial-of-service condition, which may require human interaction to recover the system. Siemens strongly recommends verifying that the affected products are protected as described in PROFINET Security Guidelines and Siemens Operational Guidelines in order to run the devices in a protected IT environment. ICS-CERT.