ICSA-17-243-02
·
Published 2020-12-08
·
View on CISA ICS-CERT ↗
Siemens LOGO! (Update A)
CVSS 7.5
HIGH
CVEs (2)
Remediations
- Siemens provides LOGO!8 BM FS-05 with firmware version V1.81.2, which fixes CVE-2017-12734
- Configure the environment according to the recommendations in the user manual (see https://support.industry.siemens.com/cs/us/en/view/109741041)
- Apply cell protection concept (see https://www.siemens.com/cert/operational-guidelines-industrial-security)
- Use VPN for protecting network communication between cells
- Apply Defense-in-Depth (see http://www.industry.siemens.com/topics/global/en/industrial-security/concept/Pages/defense-in-depth.aspx)
- Update to V8.3. Notice that in order to update, a new hardware version is required. https://support.industry.siemens.com/cs/ww/en/view/109783346/
Affected Vendors
Siemens
Affected Products (2)
Siemens
·
LOGO! 8 BM (incl.'SIPLUS variants)
<V1.81.2
Siemens
·
LOGO! 8 BM (incl.'SIPLUS variants)
<V8.3
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more