You are here

Siemens CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM (Update C) (ICSA-19-099-06) – Products Used in the Water and Wastewater and Energy Sector

Siemens CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM (Update C) (ICSA-19-099-06) – Products Used in the Water and Wastewater and Energy Sector

Created: Wednesday, July 10, 2019 - 15:54
Categories:
Cyber Security

July 9, 2019

The NCCIC has updated this advisory with additional information on the technical details of the affected products and mitigation measures. Read the advisory at CISA.

June 11, 2019

The NCCIC has updated this advisory with additional information on the affected products and mitigating measures. Read the advisory at NCCIC/ICS-CERT.

May 14, 2019

The NCCIC has updated this advisory with additional information on the technical details of the vulnerability and mitigation measures. Read the advisory at NCCIC/ICS-CERT.

April 9, 2019

The NCCIC has published an advisory on an out-of-bounds read vulnerability in Siemens Siemens CP, SIAMTIC, SIMOCODE, SINAMICS, SITOP, and TIM. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could result in a denial-of-service condition leading to a restart of the webserver. Siemens has provided firmware updates and also recommends users apply specific workarounds and mitigations to reduce risk. The NCCIC has also provided a series of measures for mitigating the vulnerabilities. Read the advisory at NCCIC/ICS-CERT.