← Back to home
ICSA-18-023-02  ·  Published 2019-02-12  ·  View on CISA ICS-CERT ↗

ICSA-18-023-02 Siemens Industrial Products (Update A)

CVSS 6.5 MEDIUM

CVEs (1)

Remediations

  • Update to V01.01.01 - Download: https://support.industry.siemens.com/cs/de/en/view/109750351
  • Update to V2.1.82 - Download: https://support.industry.siemens.com/cs/ww/en/view/109749515
  • Update to V1.1 - Download: https://support.industry.siemens.com/cs/ww/en/view/109763307
  • Siemens has identified the following specific workarounds and mitigations thatcustomers can apply to reduce the risk: Apply cell protection concept.
  • Siemens has identified the following specific workarounds and mitigations thatcustomers can apply to reduce the risk: Use VPN for protecting network communication between cells.
  • Siemens has identified the following specific workarounds and mitigations thatcustomers can apply to reduce the risk: Apply Defense-in-Depth: https://www.siemens.com/cert/operational-guidelines-industrial-security

Affected Vendors

Siemens

Affected Products (8)

Siemens · Extension Unit 12" PROFINET <V01.01.01
Siemens · Extension Unit 15" PROFINET <V01.01.01
Siemens · Extension Unit 19" PROFINET <V01.01.01
Siemens · Extension Unit 22" PROFINET <V01.01.01
Siemens · SIMATIC CP 1242-7 GPRS V2 <V2.1.82
Siemens · SIMATIC CP 1243-7 LTE/US <V2.1.82
Siemens · SIMATIC CP 1243-8 <V2.1.82
Siemens · SIMATIC CP 1626 <V1.1

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more