December 10, 2019

CISA has updated this advisory with additional details on the affected products and mitigation measures. Read the advisory at CISA.

November 23, 2016

ICS-CERT has posted an advisory on vulnerabilities affecting Siemens SIMATIC CP 343-1 Advanced/CP-443-1 Advanced devices and SIMATIC S7-300/S7-400 CPUs. Siemens has made new firmware versions available for several products and a temporary fix for the remaining affected products to mitigate these vulnerabilities. Under certain conditions, an attacker could use these vulnerabilities to perform operations as an authenticated user. These products are designed to enable SIMATIC S7-300/S7-400 CPUs to communicate via Ethernet. They are deployed across multiple sectors worldwide. ICS-CERT.