← Back to home
ICSA-18-347-02  ·  Published 2019-02-12  ·  View on CISA ICS-CERT ↗

ICSA-18-347-02 Siemens EN100 Ethernet Communication Module and SIPROTEC 5 Relays (Update A)

CVSS 7.5 HIGH

CVEs (2)

Remediations

  • Update to V4.33 - Download: https://support.industry.siemens.com/cs/us/en/view/109745821 Applying the update causes the module to go through a single restart cycle.
  • See recommendations from section Workaround and Mitigations
  • Update to V1.22 - Download: https://support.industry.siemens.com/cs/us/en/view/109745821 Applying the update causes the module to go through a single restart cycle.
  • Update to firmware version V7.80 for the following device types: 6MD85, 6MD86, 7SS85, 7KE85, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87, 7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86, 7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82, 7UT85, 7UT86, and 7UT87. - Download: Search for "SIPROTEC 5 <Device type> - DIGSI Device Drivers V7.8x" under https://support.industry.siemens.com/. The firmware version V7.80 for the communications modules can also be found on each device specific download page: See under "Additional DIGSI Device Driver - V7.8x", article "Protocols". Applying the update causes the device / module to go through a single restart cycle.
  • Update to firmware version V7.58 for the following device types: 6MD85, 6MD86, 7SS85, 7KE85, 7UM85, 7SA87, 7SD87, 7SL87, 7VK87, 7SA82, 7SA86, 7SD82, 7SD86, 7SL82, 7SL86, 7SJ86, 7SK82, 7SK85, 7SJ82, 7SJ85, 7UT82, 7UT85, 7UT86, and 7UT87. - Download: Search for “SIPROTEC 5 <Device type> - DIGSI Device Drivers V7.58” under https:/support.industry.siemens.com/. The firmware version V7.58 for the device can be found under the section “Previous Versions.” The firmware version V7.58 for the communications modules can also be found on each device’s download page. See in the “Previous Versions” section, article “Protocols”. Applying the update causes the device / module to go through a single restart cycle.
  • Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk: Block access to port 102/tcp e.g. with an external firewall.
  • Siemens has identified the following specific workarounds and mitigations thatcustomers can apply to reduce the risk: Block access to port 102/tcp e.g. with an external firewall.

Affected Vendors

Siemens

Affected Products (7)

Siemens · Firmware variant IEC 61850 for EN100 Ethernet module <V4.33
Siemens · Firmware variant PROFINET IO for EN100 Ethernet module vers:all/*
Siemens · Firmware variant Modbus TCP for EN100 Ethernet module vers:all/*
Siemens · Firmware variant DNP3 TCP for EN100 Ethernet module vers:all/*
Siemens · Firmware variant IEC104 for EN100 Ethernet module <V1.22
Siemens · SIPROTEC 5 relays with CPU variants CP300 and CP100 and the respective <V7.80
Siemens · SIPROTEC 5 relays with CPU variants CP200 and the respective Ethernet <V7.58

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more