← Back to home
ICSA-18-067-02  ·  Published 2019-02-12  ·  View on CISA ICS-CERT ↗

ICSA-18-067-02_Siemens SIPROTEC 4, SIPROTEC Compact, and Reyrolle Devices using the EN100 Ethernet Communication Module Extension (Update B)

CVSS 7.5 HIGH

CVEs (1)

Remediations

  • For all other affected products, Siemens has identified the following specific workarounds and mitigations that users can apply to reduce the risk. As a general security measure Siemens strongly recommends to protect network access with appropriate mechanisms (e.g., firewalls, segmentation, VPN). It is advised to configure the environment according to Siemens ' operational guidelines in order to run the devices in a protected IT environment.
  • EN100 Ethernet module DNP3 variant (All versions prior to v1.04): Update to v1.04 and configure maintenance password, which can be located here: https://support.industry.siemens.com/cs/us/en/ view/109745821
  • EN100 Ethernet module IEC 61850 variant (All versions prior to v4.30): Update to v4.30, which can be located here: https://support.industry.siemens.com/cs/us/en/view/109745821
  • EN100 Ethernet module IEC 104 variant: Update to v1.22, which can be located here: https://support.industry.siemens.com/cs/document/109745821

Affected Vendors

Siemens

Affected Products (5)

Siemens · EN100 Ethernet module DNP3 variant < 1.04
Siemens · EN100 Ethernet module IEC 61850 variant < 4.30
Siemens · EN100 Ethernet module Modbus TCP variant vers:all/*
Siemens · EN100 Ethernet module PROFINET IO variant vers:all/*
Siemens · EN100 Ethernet module IEC 104 variant < 1.22

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more