You are here

Siemens SIPROTEC 5 and DIGSI 5 (ICSA-19-190-05) – Products Used in the Energy Sector

Siemens SIPROTEC 5 and DIGSI 5 (ICSA-19-190-05) – Products Used in the Energy Sector

Created: Wednesday, July 10, 2019 - 16:17
Categories:
Cyber Security

The NCCIC has published an advisory on an improper input validation vulnerability in Siemens SIPROTEC 5 and DIGSI 5. Numerous products and versions are affected. Successful exploitation of these vulnerabilities could allow a denial-of-service condition and limited control of file upload, download, and delete functions. Siemens recommends users upgrade to V7.90 where available and apply specific mitigations. The NCCIC also advises of a series of measures for mitigating this vulnerability. Read the advisory at CISA.