You are here

Siemens SIPROTEC 5 and DIGSI 5 (Update A) (ICSA-19-190-05) – Products Used in the Energy Sector

Siemens SIPROTEC 5 and DIGSI 5 (Update A) (ICSA-19-190-05) – Products Used in the Energy Sector

Created: Thursday, August 15, 2019 - 11:50
Categories:
Cyber Security

August 13, 2019

The NCCIC has updated this advisory with additional information on mitigation measures. This advisory was originally published on July 9, 2019. Read the advisory at CISA.

July 9, 2019

The NCCIC has published an advisory on an improper input validation vulnerability in Siemens SIPROTEC 5 and DIGSI 5. Numerous products and versions are affected. Successful exploitation of these vulnerabilities could allow a denial-of-service condition and limited control of file upload, download, and delete functions. Siemens recommends users upgrade to V7.90 where available and apply specific mitigations. The NCCIC also advises of a series of measures for mitigating this vulnerability. Read the advisory at CISA.