ICSA-21-194-13
·
Published 2021-09-14
·
View on CISA ICS-CERT ↗
Siemens SINAMICS PERFECT HARMONY GH180 (Update A)
CVSS 8.1
HIGH
Risk Summary
Successful exploitation of this vulnerability could result in arbitrary code execution and unauthorized access to sensitive data.
CVEs (1)
Remediations
- Siemens has identified the following specific mitigations and workarounds users can apply to reduce the risk:
- As a general security measure, Siemens strongly recommends users protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends users configure the environment according to Siemens operational guidelines for industrial security, and follow the recommendations in the product manual. Additional information on industrial security by Siemens can be found at: https://www.siemens.com/industrialsecurity For more information about this issue, please see Siemens security advisories SSA-434535 and SSA-434534.
Affected Vendors
Siemens
Affected Products (3)
Siemens
·
SINAMICS PERFECT HARMONY GH180 Drives
< 2021-8-13
Siemens
·
SINAMICS PERFECT HARMONY model 6SR4
W41 with X30 air - air hex
Siemens
·
SINAMICS PERFECT HARMONY model 6SR5
A84 | A85 E06 W41 with X30 air - air hex
Affected Sectors
Critical Manufacturing, Energy
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more