Siemens devices using the PROFINET Discovery and Configuration Protocol (Update K) (ICSA-17-129-01I) – Product Used in Energy and Water and Wastewater Systems Sectors
Created: Friday, February 15, 2019 - 14:35
Categories: Cybersecurity, Federal & State Resources
February 14, 2019
The NCCIC has updated this advisory with additional information on affected products and mitigation measures. Read the advisory at NCCIC/ICS-CERT.
February 27, 2018
ICS-CERT has updated this advisory with additional details on affected products and mitigation details. ICS-CERT.
January 23, 2018
ICS-CERT has updated this advisory with additional details on affected products and mitigation details. ICS-CERT.
November 14, 2017
ICS-CERT has updated this advisory with mitigation details. ICS-CERT.
October 10, 2017
ICS-CERT has updated this advisory with mitigation details. ICS-CERT.
August 17, 2017
ICS-CERT has updated its advisory titled “Siemens devices using the PROFINET Discovery and Configuration Protocol.” Additional affected products and mitigations have been added. ICS-CERT.
July 25, 2017
ICS-CERT has updated its advisory titled “Siemens devices using the PROFINET Discovery and Configuration Protocol.” Additional affected products and mitigations have been added. ICS-CERT.
July 6, 2017
ICS-CERT has updated its advisory titled “Siemens devices using the PROFINET Discovery and Configuration Protocol.” Additional affected products have been added and additional updates have been provided. ICS-CERT.
June 15, 2017
ICS-CERT has updated its alert titled “Siemens SIMATIC Authentication Bypass.” Siemens reports additional products affected. ICS-CERT.
February 14, 2017
ICS-CERT has released an advisory on a Siemens SIMATIC Authentication Bypass. Siemens reports that the vulnerability affects SIMATIC Logon. SIMATIC WinCC: V7.x, SIMATIC WinCC Runtime Professional: All versions, SIMATIC PCS 7: All versions, SIMATIC PDM: All versions, and SIMATIC IT: All versions include affected versions of SIMATIC Logon. Successful exploitation of this vulnerability could allow attackers to circumvent user authentication under certain conditions. Siemens provides SIMATIC Logon V1.5 SP3 Update 2 and recommends that users update to the new version. ICS-CERT.