Siemens SIMATIC HMI Panels (ICSA-20-196-04) – Products Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on a cleartext transmission of sensitive information vulnerability in Siemens SIMATIC HMI Panels. Numerous products and versions of these products are affected. Successful exploitation of these vulnerabilities could allow an attacker to affect the availability, read sensitive data, and gain remote code execution on the affected devices. Siemens has identified the following specific workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability. Access the advisory at CISA.