Siemens S7-300/400 PLC Vulnerabilities (Update E) (ICSA-16-348-05D) – Product Used in Energy and Water and Wastewater Systems Sectors

March, 10, 2020

CISA has updated the advisory with additional details on the affected products and the nature of the vulnerability. Read the advisory at CISA.

January 25, 2018

ICS-CERT has updated this advisory with additional details on mitigation measures. ICS-CERT.

November 28, 2017

ICS-CERT has updated this advisory with additional details on mitigation measures. ICS-CERT.

July 25, 2017

ICS-CERT has updated its advisory titled “Siemens S7-300/400 PLC Vulnerabilities.” Additional mitigations have been added. ICS-CERT.

May 9, 2017

ICS-CERT has updated its advisory titled “Siemens S7-300/400 PLC Vulnerabilities.” An attacker with network access to Port 102/TCP (ISO-TSAP) or via Profibus could obtain credentials from the PLC if Protection-level 2 is configured on the affected devices. This vulnerability affects all listed affected products. Siemens provides firmware version V3.X.14 for S7-300 CPUs that resolves CVE-2016-9158. ICS-CERT.

December 13, 2016

ICS-CERT has released an announcement on password leak and denial-of-service vulnerabilities in Siemens’ S7-300 and S7-400 programmable logic controllers. Siemens has released Security Advisory SSA-731239 with advice to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. Successful exploitation of these vulnerabilities could lead to a denial-of-service condition or result in credential disclosure. The products are deployed across several sectors including Energy and Water and Wastewater Systems. ICS-CERT.