You are here

Siemens SIMATIC, SINUMERIK, and PROFINET IO (Update D) (ICSA-18-079-02) – Products Used in the Water and Wastewater and Energy Sectors

Siemens SIMATIC, SINUMERIK, and PROFINET IO (Update D) (ICSA-18-079-02) – Products Used in the Water and Wastewater and Energy Sectors

Created: Tuesday, October 8, 2019 - 17:28
Categories:
Cybersecurity

October 8, 2019

CISA has updated this advisory with additional information on affected products and mitigation measures. Read the advisory at CISA.

May 14, 2019

The NCCIC has updated this advisory with additional information on the technical details of the vulnerability and mitigation measures. Read the advisory at NCCIC/ICS-CERT.

February 5, 2019

The NCCIC has updated this advisory with additional details on the affected products and mitigation measures. Read the advisory at NCCIC/ICS-CERT.

October 9, 2018

The NCCIC has updated this advisory with additional details on the affected products and mitigation measures. NCCIC/ICS-CERT.

March 20, 2018

The NCCIC has released an advisory on a vulnerability in Siemens SIMATIC, SINUMERIK, and PROFINET IO. Numerous versions of these products are affected. Successful exploitation of this vulnerability could result in a denial-of-service condition requiring a manual restart to recover the system. Siemens had provided a series of updates for mitigations. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.