You are here

Siemens EN100 Ethernet Communication Module and SIPROTEC 5 Relays (ICSA-18-347-02) – Products Used in the Energy Sector

Siemens EN100 Ethernet Communication Module and SIPROTEC 5 Relays (ICSA-18-347-02) – Products Used in the Energy Sector

Created: Tuesday, December 18, 2018 - 10:56
Categories:
Cybersecurity

The NCCIC has released an advisory on an improper input validation vulnerability in EN100 Ethernet Communication Module and SIPROTEC 5 relays. Numerous products and versions of these products are affected. Successful exploitation of these vulnerabilities could cause a denial-of-service condition of the network functionality of the device, compromising the availability of the system. Siemens has released updates for several affected products. Siemens is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available. The NCCIC also advises on a series of mitigating measures for these vulnerabilities. NCCIC/ICS-CERT.