Siemens IE/PB-Link, RUGGEDCOM, SCALANCE, SIMATIC, SINEMA (Update B) (ICSA-20-105-05) – Products Used in the Water and Wastewater and Energy Sectors

September 8, 2020

CISA has updated this advisory with additional information on affected products and mitigation measures.  Read the advisory at CISA.

May 12, 2020

CISA has updated this advisory with additional information on the affected products. Read the advisory at CISA.

April 16, 2020

CISA has published an advisory on uncontrolled resource consumption and improper input validation vulnerabilities in Siemens IE/PB-Link, RUGGEDCOM, SCALANCE, SIMATIC, SINEMA. Numerous products and versions of these products are affected. Successful exploitation of these vulnerabilities could allow remote attackers to affect the availability of the devices under certain conditions. Siemens recommends applying updates, if available. Siemens has not identified any specific mitigations or workarounds and recommends following their general security recommendations. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.