The NCCIC has published an advisory on an improper authorization vulnerability in Siemens Network Planner (SINETPLAN). Version 2.0 is affected. Successful exploitation of this vulnerability could allow information disclosure, code execution, and denial-of-service. Siemens recommends users update TIA Administrator to Version 1.0 SP1 Upd1. The NCCIC also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
H2OSecCon 2025- a virtual security event for the water sector - happening May 20th. Register Now!