The NCCIC has released an advisory on a cross-site scripting vulnerability in Siemens SCALANCE S. Numerous products and versions of these products are affected. If an attacker tricks a user into clicking a malicious link, the device could allow arbitrary script injection (XSS). Siemens recommends users update to Version 4.0.1.1. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.
H2OSecCon 2025- a virtual security event for the water sector - happening May 20th. Register Now!
