August 13, 2019
The NCCIC has updated this advisory with additional information on mitigation measures. This advisory was originally published on July 9, 2019. Read the advisory at CISA.
July 9, 2019
The NCCIC has published an advisory on an improper input validation vulnerability in Siemens SIPROTEC 5 and DIGSI 5. Numerous products and versions are affected. Successful exploitation of these vulnerabilities could allow a denial-of-service condition and limited control of file upload, download, and delete functions. Siemens recommends users upgrade to V7.90 where available and apply specific mitigations. The NCCIC also advises of a series of measures for mitigating this vulnerability. Read the advisory at CISA.