← Back to home
ICSA-17-243-03  ·  Published 2017-08-31  ·  View on CISA ICS-CERT ↗

Siemens 7KM PAC Switched Ethernet

CVSS 4.3 MEDIUM

Risk Summary

ATTENTION: Low skill level to exploit.

CVEs (1)

Remediations

  • Siemens provides firmware Version V2.1.3 for 7KM PAC Switched Ethernet PROFINET expansion modules, which fixes the vulnerability, and recommends users to update to the new fixed version. The new firmware update can be found at the following location:
  • https://support.industry.siemens.com/cs/ww/en/view/109749555
  • Siemens recommends users protect network access with appropriate mechanisms such as firewalls, segmentation, and VPNs. Siemens also advises that users configure the operational environment according to Siemens ' Operational Guidelines for Industrial Security:
  • https://www.siemens.com/cert/operational-guidelines-industrial-security
  • For more information on this vulnerability and more detailed mitigation instructions, please see Siemens Security Advisory SSA-771218 at the following location:
  • http://www.siemens.com/cert/advisories

Affected Vendors

Siemens

Affected Products (1)

Siemens · 7KM PAC Switched Ethernet PROFINET expansion module < 2.1.3

Affected Sectors

Energy

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more