← Back to home
ICSA-17-278-02  ·  Published 2017-10-05  ·  View on CISA ICS-CERT ↗

Siemens 7KT PAC1200 Data Manager

CVSS 9.8 CRITICAL

Risk Summary

ATTENTION: Remotely exploitable/low skill level to exploit.

CVEs (1)

Remediations

  • Siemens provides firmware Version V2.03 for 7KT PAC1200 data manager (7KT1260) from the SENTRON portfolio, which fixes the vulnerability and recommends users update to the new fixed version. The firmware update V2.0.3 for 7KT PAC1200 data manager (7KT1260) from the SENTRON portfolio can be found on the Siemens web site at the following location:
  • https://support.industry.siemens.com/cs/ww/de/view/109749883/en?dl=en
  • As a general security measure, Siemens strongly recommends protecting network access to the devices with appropriate mechanisms. Siemens advises configuring the environment according to Siemens operational guidelines in order to run the devices in a protected IT environment.
  • https://www.siemens.com/cert/operational-guidelines-industrial-security
  • For more information on this vulnerability and more detailed mitigation instructions, please see Siemens Security Advisory SSA-971654 at the following location:
  • http://www.siemens.com/cert/en/cert-security-advisories.htm

Affected Vendors

Siemens

Affected Products (1)

Siemens · 7KT PAC1200 data manager < 2.03

Affected Sectors

Energy

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more