You are here

Siemens SIMATIC STEP 7 (TIA Portal) (ICSA-18-317-06) – Product Used in the Water and Wastewater and Energy Sectors

Siemens SIMATIC STEP 7 (TIA Portal) (ICSA-18-317-06) – Product Used in the Water and Wastewater and Energy Sectors

Created: Wednesday, November 14, 2018 - 18:11
Categories:
Cybersecurity

The NCCIC has released an advisory on an unprotected storage of credentials vulnerability in Siemens SIMATIC STEP 7 (TIA Portal). All versions of this product prior to 15.1 are affected. Successful exploitation of this vulnerability could allow an attacker to reconstruct passwords. Siemens recommends users update to Version 15.1. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.