You are here

Siemens CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM (Update A) (ICSA-19-099-06) – Products Used in the Water and Wastewater and Energy Sector

Siemens CP, SIMATIC, SIMOCODE, SINAMICS, SITOP, and TIM (Update A) (ICSA-19-099-06) – Products Used in the Water and Wastewater and Energy Sector

Created: Wednesday, May 15, 2019 - 20:58
Categories:
Cyber Security

May 14, 2019

The NCCIC has updated this advisory with additional information on the technical details of the vulnerability and mitigation measures. Read the advisory at NCCIC/ICS-CERT.

April 9, 2019

The NCCIC has published an advisory on an out-of-bounds read vulnerability in Siemens Siemens CP, SIAMTIC, SIMOCODE, SINAMICS, SITOP, and TIM. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could result in a denial-of-service condition leading to a restart of the webserver. Siemens has provided firmware updates and also recommends users apply specific workarounds and mitigations to reduce risk. The NCCIC has also provided a series of measures for mitigating the vulnerabilities. Read the advisory at NCCIC/ICS-CERT.