The NCCIC has released an advisory about a vulnerability in Siemens Siveillance VMS Video Mobile App. For both Siveillance VMS for Android and iOS, all versions prior to V12.1a (2018 R1) are affected. Successful exploitation of this vulnerability may allow an attacker in a privileged network position to read data from and write data to the encrypted communication channel between the app and a server. Siemens has provided updates and recommends that all users update to the newest version: The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.