Siemens SIMATIC, SINAMICS, SINEC, SINEMA, SINUMERIK (Update C) (ICSA-20-161-04) – Products Used in the Water and Wastewater and Energy Sectors
Created: Wednesday, September 9, 2020 - 13:53
Categories: Cybersecurity
September 8, 2020
CISA has updated this advisory with additional information on affected products and mitigation measures. Read the advisory at CISA.
August 11, 2020
CISA has updated this advisory with additional information on affected products and mitigation measures. Read the advisory at CISA.
July 14, 2020
CISA has updated this advisory with additional information on affected products and mitigation measures. Read the advisory at CISA.
June 10, 2020
CISA has published an advisory on an unquoted search path or element vulnerability in Siemens SIMATIC, SINAMICS, SINEC, SINEMA, and SINUMERIK. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could allow authorized local users with administrative privileges to execute custom code with SYSTEM level privileges. Siemens has made product updates available; it has also identified specific workarounds and mitigations to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.