February 11, 2020

CISA has updated this advisory with additional information on the affected products and mitigating measures. Read the advisory at CISA.

December 12, 2019

CISA has published an advisory on an exposed dangerous method or function vulnerability in Siemens SIMATIC products. Multiple versions of multiple products are affected. Successful exploitation of this vulnerability could allow an attacker already in a man-in-the-middle position to modify network traffic exchanged on Port 102/TCP. Siemens has released updates for some of the following affected products and recommends users update to the new version. Siemens is preparing further updates and recommends users apply specific countermeasures to reduce the risk until additional patches are available. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.