February 12, 2019

The NCCIC has updated this advisory with additional details on the affected products and mitigation measures. Read the advisory at NCCIC/ICS-CERT.

January 23, 2018

ICS-CERT has released an advisory on a Siemens Industrial Products vulnerability. Numerous versions of this product are affected. Successful exploitation of this vulnerability could cause the targeted device to enter a denial-of-service condition, which may require human interaction to recover the system. Siemens strongly recommends protecting network access to devices with appropriate mechanisms. In order to run the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens’ Operational Guidelines for Industrial Security and to follow the recommendations in the product manuals. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.