May 14, 2019

The NCCIC has updated this advisory with additional information on the technical details of the vulnerability and mitigation measures. Read the advisory at NCCIC/ICS-CERT.

November 13, 2018

The NCCIC has released an advisory on an improper input validation vulnerability in Siemens S7-400 CPUs. Numerous products and versions of these products are affected. Successful exploitation of these vulnerabilities could crash the device being accessed which may require a manual reboot or firmware re-image to bring the system back to normal operation. Siemens recommends a series of mitigations to addresss these vulnerabilities. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.