Risk Summary
ATTENTION: Remotely exploitable/low skill level to exploit.
CVEs (1)
Remediations
- Siemens has released new versions of XHQ to address this vulnerability. Users are to call their local service organization for further information on how to obtain the newest version of XHQ. If the local service organization is not known, please call a local Siemens hotline center:
- https://w3.siemens.com/aspa_app/
- Siemens strongly recommends users protect network access to XHQ with appropriate mechanisms. Siemens also advises that users configure the operational environment according to Siemens ' Operational Guidelines for Industrial Security:
- https://www.siemens.com/cert/operational-guidelines-industrial-security
- For more information on this vulnerability and more detailed mitigation instructions, please see Siemens Security Advisory SSA-945660 at the following location:
- http://www.siemens.com/cert/advisories
Affected Vendors
Siemens
Affected Products (2)
Siemens
·
XHQ 4
< 4.7.1.3
Siemens
·
XHQ 5
< 5.0.0.2
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more