The NCCIC has released an advisory on an improper access control vulnerability in Siemens IEC 61850 system configurator, DIGSI 5, DIGSI 4, SICAM PAS/PQS, SICAM PQ Analyzer, and SICAM SCC. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow a remote attacker to exfiltrate limited data from the system or execute code with operating system user permissions. Siemens has released updates for the affected products and recommends users update to the newest version. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.