Siemens SIMOCODE pro V EIP (ICSA-19-099-01) – Products Used in the Water and Wastewater and Energy Sectors
The NCCIC has published an advisory on an uncontrolled resource consumption vulnerability in SIMOCODE pro V EIP. All versions prior to 1.0.2 are affected. Successful exploitation of this vulnerability could cause a denial-of-service condition. Siemens recommends users upgrade to Version 1.0.2. Users who cannot upgrade because of hardware restrictions are recommended to apply the manual mitigations. The NCCIC has also provided a series of measures for mitigating the vulnerabilities.