Risk Summary
ATTENTION: Remotely exploitable/low skill level to exploit.
Remediations
- Siemens has provided updated firmware that fixes the vulnerabilities for the following affected products and recommends users update to the newest version:
- To obtain the firmware please contact the Customer Support Center:
- [email protected]
- Siemens recommends users protect network access with appropriate mechanisms. Siemens also advises that users configure the operational environment according to Siemens ' Operational Guidelines for Industrial Security:
- https://www.siemens.com/cert/operational-guidelines-industrial-security
- Please note that not all of the devices above are affected by all vulnerabilities. For more information on these vulnerabilities and more detailed mitigation instructions, please see Siemens Security Advisory SSA-350846 at the following location:
- http://www.siemens.com/cert/advisories
- In addition, ICS-CERT recommends that users take the following measures to protect themselves from social engineering attacks:
Affected Vendors
Siemens
Affected Products (2)
Siemens
·
TPOP firmware
< 01.01.00
Siemens
·
IEC 61850 firmware
< 4.29.01
Affected Sectors
Energy
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more