The NCCIC has published an advisory on an improper input vulnerability in Siemens EN100 Ethernet Module. Firmware variant IEC 61850 for EN100 Ethernet module version prior to 4.33 is affected. The EN100 Ethernet module for the SWT 3000 management platform is affected by security vulnerabilities that could allow an attacker to conduct a denial-of-service attack over the network. Siemens has released update v4.33 for several affected products, is working on updates for the remaining affected products, and recommends specific countermeasures until fixes are available. The NCCIC also advises on a series of mitigating measures for these vulnerabilities. Read the advisory at NCCIC/ICS-CERT.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!