ICSA-18-058-01A
·
Published 2020-02-10
·
View on CISA ICS-CERT ↗
Siemens SIMATIC Industrial PCs (Update A)
CVSS 5.9
MEDIUM
CVEs (1)
Remediations
- Only RSA key pairs generated by the TPM are affected by this vulnerability. Rekeying of the TPM by using other cryptograhpic algorithms (e.g. ECC), using 3936-bit RSA keys, or importing RSA keys to the TPM that are generated by other systems help mitigate the security vulnerability.
- Update BIOS to V22.01.04 https://support.industry.siemens.com/cs/ww/en/view/109738122
- Update BIOS to V20.01.10 https://support.industry.siemens.com/cs/ww/en/view/109481715
- Update BIOS to V21.01.07 https://support.industry.siemens.com/cs/ww/en/view/109742593
- Update BIOS to R1.21.0 https://support.industry.siemens.com/cs/ww/en/view/109750349
- Update BIOS to V23.01.03 https://support.industry.siemens.com/cs/ww/en/view/109748173
Affected Vendors
Siemens
Affected Products (7)
Siemens
·
SIMATIC Field-PG M5
<BIOS_V22.01.04
Siemens
·
SIMATIC IPC227E
<BIOS_V20.01.10
Siemens
·
SIMATIC IPC277E
<BIOS_V20.01.10
Siemens
·
SIMATIC IPC427E (incl. SIPLUS variants)
<BIOS_V21.01.07
Siemens
·
SIMATIC IPC477E
<BIOS_V21.01.07
Siemens
·
SIMATIC IPC547G
<BIOS_R1.21.0
Siemens
·
SIMATIC ITP1000
<BIOS_V23.01.03
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more