ICSA-21-315-09
·
Published 2022-03-10
·
View on CISA ICS-CERT ↗
Siemens Climatix POL909 (Update A)
CVSS 6.4
MEDIUM
Risk Summary
Successful exploitation of this vulnerability could allow sensitive data disclosure or modification of data in transit.
CVEs (1)
Remediations
- Siemens recommends users update the following software to the latest version:
- For specific update information, please refer to Siemens Security Advisory SSA-252466
- Siemens has not identified any additional specific workarounds or mitigations.
- As a general security measure, Siemens strongly recommends protecting network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens ' operational guidelines for industrial security, and follow the recommendations in the product manuals.
- Additional information on industrial security by Siemens can be found at: https://www.siemens.com/industrialsecurity
- For additional information, please refer to Siemens Security Advisory SSA-703715
Affected Vendors
Siemens
Affected Products (2)
Siemens
·
Climatix POL909 (AWM module)
< 11.34
Siemens
·
Climatix POL909 (AWB module)
< 11.34
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more