May 14, 2019
The NCCIC has updated this advisory with additional information on the technical details of the vulnerability and mitigation measures. Read the advisory at NCCIC/ICS-CERT.
April 9, 2019
The NCCIC has published an advisory on an out-of-bounds read vulnerability in Siemens Siemens CP, SIAMTIC, SIMOCODE, SINAMICS, SITOP, and TIM. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could result in a denial-of-service condition leading to a restart of the webserver. Siemens has provided firmware updates and also recommends users apply specific workarounds and mitigations to reduce risk. The NCCIC has also provided a series of measures for mitigating the vulnerabilities. Read the advisory at NCCIC/ICS-CERT.