You are here

Siemens SIMATIC PCS 7, WinCC, TIA Portal (Update B) (ICSA-19-134-08) – Products Used in the Water and Wastewater and Energy Sectors

Siemens SIMATIC PCS 7, WinCC, TIA Portal (Update B) (ICSA-19-134-08) – Products Used in the Water and Wastewater and Energy Sectors

Created: Thursday, August 15, 2019 - 11:54
Categories:
Cyber Security

August 13, 2019

The NCCIC has updated this advisory with additional information on the technical details of the affected products and mitigation measures. Read the advisory at CISA.

July 9, 2019

The NCCIC has updated this advisory with additional information on the technical details of the affected products and mitigation measures. Read the advisory at CISA.

May 14, 2019

The NCCIC has published an advisory on SQL injection, uncaught exception, and exposed dangerous method vulnerabilities in Siemens SIMATIC PCS 7, WinCC, TIA Portal. Numerous products and versions of the products are affected. Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary commands on the affected system. Siemens has an update available for this product, version 7.5 update 3. The NCCIC has also provided a series of measures to address the vulnerabilities. Read the advisory at NCCIC/ICS-CERT.