ICSA-20-196-04
·
Published 2020-07-14
·
View on CISA ICS-CERT ↗
Siemens SIMATIC HMI Panels
CVSS 5.7
MEDIUM
CVEs (1)
Remediations
- Avoid program transfer over large networks to prevent an attacker from sniffing potential unencrypted traffic.
- As much as possible, connect the Engineering Station (or device with the WinCC Engineering software) directly to the HMI without using any network device in between.
Affected Vendors
Siemens
Affected Products (6)
Siemens
·
SIMATIC HMI Basic Panels 1st Generation (incl.'SIPLUS variants)
vers:all/*
Siemens
·
SIMATIC HMI Basic Panels 2nd Generation (incl.'SIPLUS variants)
vers:all/*
Siemens
·
SIMATIC HMI Comfort Panels (incl.'SIPLUS variants)
vers:all/*
Siemens
·
SIMATIC HMI KTP700F Mobile Arctic
vers:all/*
Siemens
·
SIMATIC HMI Mobile Panels 2nd Generation
vers:all/*
Siemens
·
SIMATIC WinCC Runtime Advanced
vers:all/*
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more