You are here

Siemens IEC 61850 System Configurator, DIGSI 5, DIGSI 4, SICAM PAS/PQS, SICAM PQ Analyzer, and SICAM SCC (ICSA-18-317-01) – Products Used in the Water and Wastewater and Energy Sectors

Siemens IEC 61850 System Configurator, DIGSI 5, DIGSI 4, SICAM PAS/PQS, SICAM PQ Analyzer, and SICAM SCC (ICSA-18-317-01) – Products Used in the Water and Wastewater and Energy Sectors

Created: Wednesday, November 14, 2018 - 18:05
Categories:
Cybersecurity

The NCCIC has released an advisory on an improper access control vulnerability in Siemens IEC 61850 system configurator, DIGSI 5, DIGSI 4, SICAM PAS/PQS, SICAM PQ Analyzer, and SICAM SCC. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow a remote attacker to exfiltrate limited data from the system or execute code with operating system user permissions. Siemens has released updates for the affected products and recommends users update to the newest version. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.