CISA has published an advisory on a TOCTOU race condition vulnerability in Siemens SIMATIC and SIMOTICS. All versions of SIMATIC RF350M and RF650M and SIMOTICS CONNECT 400 are affected. Successful exploitation of this vulnerability could allow an attacker to read a discrete set of traffic over the air after a Wi-Fi device state change. Siemens has identified specific workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.