You are here

Siemens Industrial Products Local Privilege Escalation Vulnerability (Update I) (ICS-CERT Advisory 16-313-02) – Product Used in Energy and Water and Wastewater Systems Sectors

Siemens Industrial Products Local Privilege Escalation Vulnerability (Update I) (ICS-CERT Advisory 16-313-02) – Product Used in Energy and Water and Wastewater Systems Sectors

Created: Thursday, October 10, 2019 - 16:53
Categories:
Cybersecurity, Federal & State Resources

October 10, 2019

CISA has updated this advisory with additional information on affected products and mitigation measures. Read the update at CISA.

January 28, 2018

ICS-CERT has updated this advisory with additional details on affected products and mitigation measures. ICS-CERT.

June 20, 2017

ICS-CERT has updated its advisory titled “Siemens Industrial Products Local Privilege Escalation Vulnerability.” Siemens reports additional products affected and has released additional updates. ICS-CERT.

May 9, 2017

ICS-CERT has updated its advisory titled “Siemens Industrial Products Local Privilege Escalation Vulnerability.” Siemens reports that the vulnerability affects additional products. ICS-CERT.

March 2, 2017

ICS-CERT has updated its advisory “Siemens Industrial Products Local Privilege Escalation Vulnerability.” Siemens reports that the vulnerability affects additional products. ICS-CERT.

February 14, 2017

ICS-CERT has updated an advisory on a Siemens Industrial Products Local Privilege Escalation vulnerability. Siemens reports that the vulnerability affects additional products. Siemens has released updates for the products and encourages users to apply the updates as soon as possible. ICS-CERT.

December 22, 2016

ICS-CERT updated this advisory.  ICS-CERT.

November 22, 2016

ICS-CERT has updated its advisory on a privilege escalation vulnerability that affects several Siemens industrial products. Siemens has updated the list of affected products and security patches to address the vulnerabilities. These products are deployed in multiple sectors worldwide including energy and water and wastewater systems. ICS-CERT.

November 8, 2016

ICS-CERT has posted an advisory on a privilege escalation vulnerability that affects several Siemens industrial products. Siemens has produced updates for several products and a temporary fix for the remaining affected products to mitigate this vulnerability. This vulnerability could allow local users to escalate their privileges if the affected products are not installed under the default path. The affected products are deployed worldwide across multiple sectors including energy and water and wastewater. ICS-CERT.