April 19, 2018
The NCCIC has updated this advisory with additional details on mitigation measures. NCCIC/ICS-CERT.
March 8, 2018
ICS-CERT has released an advisory on vulnerabilities in Siemens SIPROTEC 4, SIPROTEC Compact, and Reyrolle Devices using the EN100 Ethernet Communication Module Extension. Numerous versions of these product are affected. Successful exploitation of this vulnerability could allow an attacker to either upgrade or downgrade the firmware of the device, including downgrading to older versions with known vulnerabilities. For EN100 Ethernet module IEC 61850 variant (all versions prior to V4.30), Siemens recommends users update to V4.30. For all other affected products, Siemens has identified specific workarounds and mitigations users can apply to reduce the risk. As a general security measure, Siemens strongly recommends protecting network access with appropriate mechanisms (e.g., firewalls, segmentation, and VPN)s. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.