May 24, 2018

The NCCIC has updated this advisory with additional details on mitigation measures. NCCIC/ICS-CERT.

May 8, 2018

The NCCIC has released an advisory about a vulnerability in Siemens Siveillance VMS. Multiple versions of this product are affected. Successful exploitation of this vulnerability by the affected ports in .NET Remoting deserialization could allow elevation of privileges and/or cause a denial-of-service. Siemens has released updates for several affected products and recommends users update to the new version. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.