October 13, 2020

CISA has updated this advisory with additional details on affected products and mitigation measures. Read the advisory at CISA.

September 9, 2020

CISA has published an advisory on an exposure of sensitive information to an unauthorized actor vulnerability in Siemens Industrial Products containing certain processors. Multiple products and versions of the products are affected. Successful exploitation of this vulnerability may allow an authenticated user to enable information disclosure via local access. Siemens is preparing updates and recommends specific workarounds and mitigations users can apply to reduce the risk until fixes are available. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.