Siemens SIMATIC NET PC-Software Denial-of-Service Vulnerability

CVEs (1)

Remediations

• Siemens provides SIMATIC NET PC-Software V13 SP2, which fixes the vulnerability, and recommends users upgrade to the new version. SIMATIC NET PC-Software V13 SP2 can be obtained by contacting your local Siemens representative or customer support.
• If OPC-UA is not required, Siemens recommends deactivating these in the communication settings according to the information in the respective product manual.
• As a general security measure, Siemens strongly recommends protecting network access to SIMATIC NET PC-Software services with appropriate mechanisms. It is advised to configure the environment according to Siemens operational guidelines in order to run the devices in a protected IT environment. (https://www.siemens.com/cert/operational-guidelines-industrial-security)
• For more information on this vulnerability and detailed instructions, please see Siemens Security Advisory SSA-453276 at the following location: (http://www.siemens.com/cert/advisories)

Affected Vendors

Affected Products (1)