ICSA-18-282-05
·
Published 2020-02-10
·
View on CISA ICS-CERT ↗
Siemens SIMATIC S7-1500, SIMATIC S7-1500 Software Controller and SIMATIC ET 200SP OpenController (Update A)
CVSS 5.3
MEDIUM
CVEs (1)
Remediations
- Restrict network access to affected devices
- Apply cell-protection concept
- Apply defense-in-depth
- Update to V2.1.6 https://support.industry.siemens.com/cs/us/en/view/109759122
- Update to V2.5 or newer https://support.industry.siemens.com/cs/us/en/ps/13717/dl
- Update to V2.5 or newer https://support.industry.siemens.com/cs/us/en/view/109478528
Affected Vendors
Siemens
Affected Products (3)
Siemens
·
SIMATIC ET 200SP Open Controller (incl. SIPLUS variants)
>=V2.0_and_<V2.1.6
Siemens
·
SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)
>=V2.0_and_<V2.5
Siemens
·
SIMATIC S7-1500 Software Controller
>=V2.0_and_<V2.5
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more