You are here

Siemens SINAMICS PERFECT HARMONY GH180 (ICSA-20-014-04)

Siemens SINAMICS PERFECT HARMONY GH180 (ICSA-20-014-04)

Created: Wednesday, January 15, 2020 - 14:06
Categories:
Cybersecurity

CISA has released an advisory on a protection mechanism failure in Siemens SINAMICS PERFECT HARMONY GH180. Multiple products and versions of these products are affected. Successful exploitation of this vulnerability could allow an unauthorized attacker with physical access to the affected device to restart the HMI with disabled security controls, which could be used to launch further attacks against the affected device. Siemens recommends that affected users contact customer support to obtain configuration changes and notes that no other specific mitigations or workarounds have been identified. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.