Siemens SIPROTEC 4 and SIPROTEC Compact (ICSA-20-042-12)

CISA has published an advisory on an improper input validation vulnerability in SIPROTEC 4 and SIPROTEC Compact. All versions of both products are affected. This vulnerability could allow an attacker to conduct a denial-of-service attack over the network. Siemens has identified specific workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.