You are here

Siemens TIA Portal (Update A) (ICSA-20-014-05) – Products Used in the Water and Wastewater and Energy Sector

Siemens TIA Portal (Update A) (ICSA-20-014-05) – Products Used in the Water and Wastewater and Energy Sector

Created: Thursday, April 16, 2020 - 10:15
Categories:
Cybersecurity

April 14, 2020

CISA has updated this advisory with additional details on the affected products. Read the advisory at CISA.

January 15, 2020

CISA has released an advisory on a path traversal vulnerability in Siemens TIA Portal. Multiple products and versions of these products are affected. Successful exploitation of this vulnerability could allow a local attacker to execute arbitrary code with SYSTEM privileges. Siemens recommends users of the affected products update to a new version and has identified workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.