Siemens SIMATIC Sm@rtClient Android App

Risk Summary

ATTENTION: Remotely exploitable/low skill level to exploit.

CVEs (2)

Remediations

• Siemens has released SIMATIC WinCC Sm@rtClient V1.0.2.2 for Android to address these vulnerabilities and recommends updating as soon as possible. Updates will be installed automatically if the mobile device is configured accordingly. If the update does not install automatically, users can find the latest version at the Google Play Store:
• https://play.google.com/store/search?q=Sm@rtClient
• It is advised to configure the environment according to operational guidelines.
• For more information on these vulnerabilities and more detailed mitigation instructions, please see Siemens Security Advisory SSA-589378 at the following location:
• http://www.siemens.com/cert/advisories
• In addition, ICS-CERT recommends that users take the following measures to protect themselves from social engineering attacks:

Affected Vendors

Affected Products (2)